Advanced Threat Defense and Intelligent Sandbox - Meltdown and Spectre vulnerability impact
Last Modified: 2022-11-16 21:46:16 Etc/GMT
Technical Articles ID:
KB90207
Environment
Advanced Threat Defense (ATD)
Trellix Intelligent Sandbox (TIS)

Summary
The Meltdown and Spectre vulnerabilities disclosed by Intel® on January 3, 2018, impacted the then available Trellix appliance products. Spectre includes CVE-2017-5715 and CVE-2017-5753, and Meltdown includes CVE-2017-5754.

To successfully exploit these vulnerabilities, an attacker must be able to run crafted code on the affected device. These vulnerabilities have the following impact on ATD/TIS products:

ATD/TIS hardware appliances
All ATD/TIS appliances are closed systems. However, the code can be executed, in the form of a sample, inside the Windows VM running on ATD/TIS.

ATD/TIS virtual appliances
Virtual appliances follow the same rationale as the physical appliances. You must update the underlying system hosting the ATD/TIS VM if its CPU exhibits either of the above vulnerabilities.

ATD/TIS software
ATD 4.2, 4.0, 3.10, 3.8, and 3.6 are impacted.
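For the virtual appliance case above, the following added example (not Trellix code) reports the kernel-declared status of the three CVEs on the system hosting the VM. It assumes that host runs a Linux kernel exposing `/sys/devices/system/cpu/vulnerabilities`; the article does not name the host platform, and the function name `check_cpu_vulns` is chosen here for illustration.

```shell
#!/bin/sh
# Added example, not vendor code. Assumption: the hypervisor host is Linux
# and its kernel exposes per-issue status files under sysfs.
# Usage: check_cpu_vulns            (live host)
#        check_cpu_vulns /some/dir  (copy of the sysfs directory)

# CVE id -> sysfs file name
CVE_MAP="CVE-2017-5753:spectre_v1 CVE-2017-5715:spectre_v2 CVE-2017-5754:meltdown"

# Prints one line per CVE: "<CVE> <STATE> <kernel text>".
# Returns 0 if every entry is "Not affected" or "Mitigation: ...",
#         1 if any entry is reported vulnerable,
#         2 if a status file is missing (status unknown, e.g. old kernel).
check_cpu_vulns() {
    _dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    _rc=0
    for _pair in $CVE_MAP; do
        _cve="${_pair%%:*}"
        _file="$_dir/${_pair##*:}"
        if [ ! -r "$_file" ]; then
            echo "$_cve UNKNOWN status file missing: $_file"
            # "vulnerable" (1) outranks "unknown" (2)
            [ "$_rc" -eq 1 ] || _rc=2
            continue
        fi
        _status="$(head -n 1 "$_file")"
        case "$_status" in
            "Not affected"*) _state=OK ;;
            "Mitigation:"*)  _state=MITIGATED ;;
            *)               _state=VULNERABLE; _rc=1 ;;
        esac
        echo "$_cve $_state $_status"
    done
    return "$_rc"
}
```

A non-zero return means the host still needs a kernel or microcode update, or is too old to report its status.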
Solution
ATD 4.2.2 and 4.0.6, released on February 21, 2018, updated the MLOS kernel to address these vulnerabilities. These updates are included in all subsequent ATD/TIS releases.

NOTE: This fix is implemented in software and microcode because both components are needed. While the microcode component can be resolved using a BIOS update, Engineering has decided to implement them using a software update. This method makes sure that the latest vulnerability fixes are applied.

IMPORTANT: If you're currently running ATD software version 4.0 or 4.2, apply the update release that contains the fix: ATD 4.0.6 and ATD 4.2.2 or later.

Related Information
For more information about these vulnerabilities, see SB10226 - Security Bulletin - Updates for microprocessors side channel analysis vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754 (Meltdown/Spectre).