LOS ANGELES – 10 January 2018 – The Internet Corporation for Assigned Names and Numbers (ICANN) is aware of the Spectre (CVE-2017-5753 and CVE-2017-5715) and Meltdown (CVE-2017-5754) security vulnerabilities that were widely reported on 3 January 2018. To date, ICANN has observed no indications of attempts to exploit these vulnerabilities by targeting online systems or services operated by ICANN or Public Technical Identifiers (PTI).
Meltdown and Spectre are affecting a range of computer processors. As is the case for most organizations, ICANN's IT infrastructure uses systems affected by these vulnerabilities. We are working to address these issues as quickly as possible by applying the relevant patches and updates made available by vendors.
The ICANN Information Technology team continuously monitors our systems for any evidence of attempts to compromise the services we provide and the systems used to provide them. ICANN will continue to track these issues and will provide updates if any significant changes occur.
About ICANN
ICANN's mission is to help ensure a stable, secure and unified global Internet. To reach another person on the Internet, you need to type an address – a name or a number – into your computer or other device. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world. ICANN was formed in 1998 as a not-for-profit public-benefit corporation with a community of participants from all over the world.