Last updated: 09:05 12th Jan 2018
Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715) exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. Operating system and application developers have been publishing patches and updates to mitigate these issues.
Mitigating the Meltdown vulnerability (CVE-2017-5754) will require a combination of operating system and processor microcode updates. Microcode is a small piece of software that is directly installed on the processor to act as an interface between the hardware and operating system. This microcode update will be provided by OEM manufacturers and will need to be installed as part of their update mechanism.
To help Softcat’s customers, we will be compiling a list of the major manufacturers’ updates and statements to provide a central location for all the updates as they are released. All updates will be posted below.
Aruba
Statement released. Vulnerable products identified. Further investigation ongoing.
“Aruba products are based on a number of different CPU architectures, some of which are affected by the vulnerabilities. However, no Aruba product allows execution of arbitrary code by an unauthorized user. In order to exploit this vulnerability, an attacker would require that ability. Achieving code execution would require the presence of a second, unrelated vulnerability, and it is likely that such a vulnerability would already allow compromise of the system without the need for further exploits.”
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-001.txt
Check Point
Statement released. To allow for the Meltdown update on Windows (ADV180002), an update will be required and the REG key will be switched automatically on signature version December 28, 2017 or later.
Additional guidance is provided here
Cisco
Vulnerability acknowledged and affected products have been identified, awaiting patches.
Cisco AMP has been updated to allow for the Meltdown update on Windows (ADV180002); an update will be required and the REG key will need to be switched manually.
Additional guidance is provided here
Citrix
Statement Released. Vulnerability acknowledged and some affected products have been identified and patched, some remaining products are awaiting patches.
https://support.citrix.com/article/CTX231390
Clearswift
Clearswift Product Security Advisory Concerning "Meltdown" and "Spectre"
Clearswift made available on the 3rd January 2018 updates to the RHEL Operating System alongside an Application upgrade (4.7.1) for all Gateway products.
Details have been published in a knowledge base article on our support portal and we have put out information on the product's UI RSS Feed to alert customers directly. Clearswift customers are advised to log in to their Clearswift Support Portal to see the article. Support Portals are accessed here - https://www.clearswift.com/support/portals (Clearswift login required to access)
Cylance
Statement released. To allow for the Meltdown update on Windows (ADV180002) an update will be required and the REG key will need to be switched manually.
Additional guidance is provided here
https://www.cylance.com/en_us/blog/cylance-not-impacted-by-meltdown-or-spectre-vulnerabilities.html
Dell EMC
Statement Released. Vulnerability acknowledged and some affected products have been identified and patched, some remaining products are awaiting patches.
“Dell is aware of new security research describing software analysis methods related to Intel microprocessors. We are working with Intel and others in the industry to investigate and address the issue. For more information, please refer to the article posted on Intel’s website.”
“We are expecting further statements as work continues, however we have released a BIOS firmware today with enhancements to address the issue:”

The following pages will be updated with the latest information on affected Dell / Dell EMC products including BIOS updates as they are available.
- Dell Client
- Dell Enterprise (Dell Servers, Storage and Networking)
- RSA (customer login required)
- Dell EMC Storage & Data Protection (customer login required)
- Dell EMC CPSD (customer login required)
If you are using any PowerEdge server patch tool fed from support.dell.com (such as OpenManage Essentials and Repository Manager) you will see this update in your patch queue flagged as “urgent”.
F5 Networks
Statement Released. Vulnerability acknowledged and some affected products have been identified, awaiting further investigation.
https://support.f5.com/csp/article/K91229003
FireEye
Statement Released. Vulnerability acknowledged and some affected products have been identified, awaiting patches.
Fujitsu
Statement Released. Vulnerability acknowledged and some affected products have been identified and patched, some remaining products are awaiting patches.
“The EMEIA support webpage below details the current publicly available information about the vulnerabilities, affected Fujitsu products and estimated availability of patches and updates for BIOS provided by Fujitsu and other vendors. Not all fixes have release dates yet, and not all BIOS versions are known yet. The webpage will be updated regularly.”
http://support.ts.fujitsu.com/content/SideChannelAnalysisMethod.asp
HPE / Nimble
HPE has made the following system ROM updates available, which include updated microcode to resolve the vulnerability:
- HPE has provided a customer bulletin https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00039267en_us with specific instructions to obtain the updated system ROM
- Note:
- CVE-2017-5715 requires that the System ROM be updated and a vendor-supplied operating system update be applied as well.
- CVE-2017-5753 and CVE-2017-5754 require only updates of a vendor-supplied operating system.
https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbhf03805en_us
Intel
Statement Released. Vulnerability acknowledged and some affected products have been identified, awaiting patches.
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr
Juniper Networks
Statement Released. Vulnerability acknowledged and some affected products have been identified, awaiting further investigation.
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10842&actp=RSS
Kaspersky
Statement released. To allow for the Meltdown update on Windows (ADV180002) an update will be required and the REG key will be switched automatically on before 9th January 2018.
Additional guidance is provided here
https://support.kaspersky.co.uk/14042
Lenovo
Statement Released. Vulnerability acknowledged and some affected products have been identified and patched, some remaining products are awaiting patches.
https://support.lenovo.com/gb/en/solutions/len-18282
McAfee
Statement released. To allow for the Meltdown update on Windows (ADV180002) an update will be required and the REG key will be switched automatically on version 15.0 R4 or later.
Additional guidance is provided here
https://service.mcafee.com/webcenter/portal/cp/home/articleview?locale=&articleId=TS102769
Microsoft
Statement Released. Vulnerability acknowledged and affected products have been identified and patched.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
NetApp
Statement Released. Vulnerability acknowledged. Further investigation taking place.
https://security.netapp.com/advisory/ntap-20180104-0001/
Nutanix
Statement Released. Vulnerability acknowledged and some affected products have been identified, awaiting patches.
http://download.nutanix.com/alerts/Security-Advisory_0007_v1.pdf
Further information is expected to be posted to https://portal.nutanix.com (Requires Nutanix login to view)
Palo Alto
Statement released. To allow for the Meltdown update on Windows (ADV180002) an update will be required and the reg key will need to be switched manually.
Additional guidance is provided here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Information-about-Meltdown-and-Spectre-findings/ta-p/193878/jump-to/first-unread-message
Pure Storage
Statement updated. Vulnerability acknowledged, affected product has been identified. Further investigation ongoing, awaiting patch.
Updates will be provided on the following field bulletin.
https://support.purestorage.com/Field_Bulletins/The_Meltdown_and_Spectre_CPU_Vulnerabilities (Pure1 login required)
Red Hat
Statement Released. Vulnerability acknowledged and some affected products have been identified and patched, some remaining products are awaiting patches.
https://access.redhat.com/security/vulnerabilities/speculativeexecution
Sophos
Statement released. Vulnerability acknowledged, affected products have been identified. Endpoint updates have been deployed. Further investigation ongoing for network appliances, awaiting patches.
Updates will be delivered to - https://community.sophos.com/kb/en-us/128053
Supermicro
Statement Released. Vulnerability acknowledged and some affected products have been identified and patched, some remaining products are awaiting patches.
https://www.supermicro.com/support/security_Intel-SA-00088.cfm
Symantec
Statement released. To allow for the Meltdown update on Windows (ADV180002) an update will be required and the REG key will be switched automatically on version ERASER Engine 117.3.0.358 or greater.
Additional guidance is provided here
https://support.symantec.com/en_US/article.INFO4793.html
Trend Micro
Statement released. To allow for the Meltdown update on Windows (ADV180002) an update will be required and the REG key will need to be switched manually.
Additional guidance is provided here
https://esupport.trendmicro.com/en-us/home/pages/technical-support/1118996.aspx
VMware
Statement Released. Vulnerability acknowledged and affected products have been identified and patched.
https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
Need more help?
If you need any further advice or support, please speak to your Softcat account manager or get in touch using the form below.
Please note that the information provided is for guidance only and is provided subject to the limitations set out in our website terms of use.