Vendors’ response to Meltdown and Spectre Vulnerabilities

Bash ShellShock Bug

The Meltdown and Spectre are two new  vulnerabilities in Intel, AMD and ARM processors which will effect everyone.

There is a very good technical article that the Sophos team have put together explaining in detail the issue, you can read it here, as well as many other websites which are covering the story so I won’t go into much detail, just type Meltdown/Spectre into your favourite search engine.

Instead below is a list of the major vendors which we and customers use and links to any articles they have regarding Meltdown and Spectre and their products.

Keep checking back as I will update this as more details from vendors become available.

If you know of any other Vendor statements regarding the Meltdown/Spectre bugs please add a comment below, and I will incorporate it into the post.

Cert Advisory
https://www.kb.cert.org/vuls/id/584653

SANS Institute
https://isc.sans.edu/forums/diary/Spectre+and+Meltdown+What+You+Need+to+Know+Right+Now/23193/

=====

Apple
https://support.apple.com/en-us/HT208394

https://www.macworld.com/article/3245778/apple-phone/apple-meltdown-spectre-cpu-flaws-statement.html

Avaya
https://downloads.avaya.com/css/P8/documents/101045884

Dell
http://www.dell.com/support/contents/uk/en/ukdhs1/article/product-support/self-support-knowledgebase/software-and-downloads/support-for-meltdown-and-spectre

Dell Sonicwall
https://www.sonicwall.com/en-us/support/product-notification/meltdown-and-spectre-vulnerabilities-a-sonicwall



Draytek
No News from Draytek yet.

Egnyte
https://www.egnyte.com/blog/2018/01/meltdown-spectre-vulnerabilities-in-modern-cpus/

HP
https://h30434.www3.hp.com/t5/Desktop-Operating-Systems-and-Recovery/Intel-Meltdown-and-Spectre/td-p/6496969

HPE
https://community.hpe.com/t5/Servers-The-Right-Compute/Resources-to-help-mitigate-Speculative-Execution-vulnerability/ba-p/6992955#.WlPJ9N9l9aQ

Intel
https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html

Microsoft
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180002

Netgear
https://kb.netgear.com/000053240/Security-Advisory-for-Speculative-Code-Execution-Spectre-and-Meltdown-on-Some-ReadyNAS-and-ReadyDATA-Storage-Systems-PSV-2018-0005

Sophos
https://community.sophos.com/kb/en-us/128053

F**CKWIT, aka KAISER, aka KPTI – Intel CPU flaw needs low-level OS patches

Synology
https://www.synology.com/en-uk/support/security/Synology_SA_18_01



Veeam
https://www.veeam.com/kb2427

VMware
https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html

https://blogs.vmware.com/services-education-insights/feed-items/meltdown-and-spectre-vmware-patches

Watchguard
https://watchguardsupport.secure.force.com/publicKB?type=KBSecurityIssues&SFDCID=kA62A0000000L4oSAE&lang=en_US

https://www.secplicity.org/2018/01/04/meltdown-spectre-cpu-vulnerabilities/

 

Leave a Reply

Your email address will not be published. Required fields are marked *