Due to the nature of the vulnerabilities which reside very low in the platform stack our products are installed on, our on-premises solutions are indirectly affected.
Only hardware and/or OS level patches provided by the platform providers (Intel, RedHat, Microsoft, VMWare, etc.) can mitigate or remediate the issues and no code changes are required from our side at this time.
As customers upgrade their infrastructure Quest will stay vigilant for any potential performance impact as a result of the patches on heavy loaded systems such as database server.
Vendor Specific Information & Resources
Official Release: https://meltdownattack.com/
Google: https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html
Microsoft: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180002
* NOTE: Microsoft Windows patches were added to the patch feed on 1/5/18.
* NOTE: Microsoft Windows patches will only be detected missing on systems with the existence of a registry value written by anti-virus vendors to avoid BSOD or worse issues. More information is available here.
Oracle: https://linux.oracle.com/errata/ELSA-2018-0007.html
RedHat: https://access.redhat.com/security/vulnerabilities/speculativeexecution
SuSE: https://www.suse.com/c/suse-addresses-meltdown-spectre-vulnerabilities/
Ubuntu: https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities
VMware: https://blogs.vmware.com/security/2018/01/vmsa-2018-0002.html
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center