Update now available:
| Module | Now Available | Available via | Configuration Guide | Release Notes |
| Security Policy Template | 18.0.3 | Download and
Check4update |
Configuration Guide | Release Notes |
Supported CounterACT Versions
Customers on the following CounterACT versions can install this update:
- 7.0.0 or above
Description
An update to the Security Policy Template is now available.
This update includes templates that help to mitigate the following threats:
AMD Processor Flaws
A number of vulnerabilities have been discovered in the AMD Ryzen and EPYC processor lines that include manufacturer backdoors in some chipsets and could allow attackers to gain direct access to the CPU. As a result, an attacker could inject persistent malware in the CPU as well as gain access to and steal network credentials.
For more information, see https://amdflaws.com
CredSSP
Credential Security Support Provider protocol (CredSSP) is an authentication provider that processes authentication requests for other applications and is commonly used in RDP (Remote Desktop Protocol) and WinRM (Windows Remote Management).
A remote code execution vulnerability exists in unpatched versions of CredSSP. An attacker who successfully exploits this vulnerability could relay user credentials to execute code on the target system. Any application that depends on CredSSP for authentication may be vulnerable to this type of attack. The vulnerability is a logical one and affects all Windows versions to date.
Exim
Exim is an email server agent used in Unix-like operating systems.
The Exim vulnerability reported in CVE-2018-6789 is an issue in the base64d() function in the SMTP listener in Exim. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789 for more information.
For More Information:
For additional information, please refer to Knowledge Base Article #000005199 which can be accessed via support.forescout.com using your login credentials. You can also contact support@forescout.com for additional questions.
© 2018. ForeScout Technologies, Inc. is a Delaware corporation. The ForeScout logos and trademarks can be found at https://www.forescout.com/company/legal/intellectual-property-patents-trademarks/. Other names mentioned may be trademarks of their respective owners.
