1 2 3 4 5 6 7 8 9 10
Third-Party-Whitepapers_Icon datasheet smart-tv white-papers videos tech-notes solution-briefs infographics case-studies brochures awards reviews podcasts guides

Forescout

ForeScout
Contact Us

Please fill in the information below and a Forescout representative will contact you.

Request a Demo

Apr 3, 2018

Security Policy Template Update Available for Download

Update now available:

ModuleNow AvailableAvailable viaConfiguration GuideRelease Notes
Security Policy Template 18.0.3Download and

Check4update

Configuration GuideRelease Notes

Supported CounterACT Versions

Customers on the following CounterACT versions can install this update:

  • 7.0.0 or above

Description

An update to the Security Policy Template is now available.

This update includes templates that help to mitigate the following threats:

AMD Processor Flaws

A number of vulnerabilities have been discovered in the AMD Ryzen and EPYC processor lines that include manufacturer backdoors in some chipsets and could allow attackers to gain direct access to the CPU. As a result, an attacker could inject persistent malware in the CPU as well as gain access to and steal network credentials.

For more information, see https://amdflaws.com

CredSSP

Credential Security Support Provider protocol (CredSSP) is an authentication provider that processes authentication requests for other applications and is commonly used in RDP (Remote Desktop Protocol) and WinRM (Windows Remote Management).

A remote code execution vulnerability exists in unpatched versions of CredSSP. An attacker who successfully exploits this vulnerability could relay user credentials to execute code on the target system. Any application that depends on CredSSP for authentication may be vulnerable to this type of attack. The vulnerability is a logical one and affects all Windows versions to date.

Exim

Exim is an email server agent used in Unix-like operating systems.

The Exim vulnerability reported in CVE-2018-6789 is an issue in the base64d() function in the SMTP listener in Exim. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789 for more information.

For More Information:

For additional information, please refer to Knowledge Base Article #000005199 which can be accessed via support.forescout.com using your login credentials. You can also contact [email protected] for additional questions.

 

© 2018. Forescout Technologies, Inc. is a Delaware corporation. The Forescout logos and trademarks can be found at https://www.forescout.com/company/legal/intellectual-property-patents-trademarks/. Other names mentioned may be trademarks of their respective owners.

Back to Resources
Announcement Archive

Contact Us

Toll-Free (US): 1-866-377-8771
Tel (Intl): +1-408-213-3191
Support: +1-708-237-6591

Headquarters
190 W Tasman Dr.
San Jose, CA, USA 95134