Return
-
Title
Is Enterprise Reporter affected by the vulnerabilities for Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715) -
Description
How do the new Meltdown and Spectre vulnerabilities affect ER? -
Resolution
Due to the nature of these vulnerabilities, which impact kernel mode functions, ER is indirectly affected however, only hardware and/or OS level patches can provide mitigation/remediation to these issues.Quest recommends that customers follow the guidelines provided by platform providers such as Intel, Microsoft and VMWare to update their systems as relevant patches become available.Please refer to the below links from platform providers for additional information:Intel:https://newsroom.intel.com/news/intel-responds-to-security-research-findings/Microsoft:https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-inhttps://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-executionVMWare:https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html