|Products applicable to this communication are as follows:|
A group of researchers have disclosed vulnerabilities impacting CPUs of over two dozen manufacturers, including Intel, AMD and ARM. The vulnerabilities known as Spectre and Meltdown take advantage of a feature in chips known as speculative execution. Several vulnerabilities, as identified by the following CVEs, were found to be affecting all modern Intel CPUs:
- CVE-2017-5753 (Spectre) – Variant #1
- CVE-2017-5715 (Spectre) – Variant #2
- CVE-2017-5754 (Meltdown) – Variant #3
Resolutions for CounterACT:
We are releasing CounterACT Operating Systems Update Pack v18.104.22.168. This version addresses Variant #1 and Variant #3. The update is available and can be utilized by customers that are already running CounterACT Service Pack 3.0.1.
Customers on Service Pack 3.0.0 are strongly encouraged to upgrade to Service Pack 3.0.1 and apply the updated version of the CounterACT Operating Systems Update. Instructions to update to Service Pack 3.0.1 is available in the accompanying release notes.
For customers on versions earlier than CounterACT Service Pack 3.0.0 we are diligently working on a fix for Service Pack version 2.3.4 and will notify you as soon as a solution is available. In the interim, to mitigate exposure, Forescout recommends that organizations review access rights to CounterACT appliances and ensure that access is limited only to trusted administrators from trusted networks or hosts.
For additional information, please refer to KnowledgeBase Articles #5012, #5032, and #5055 which can be accessed via support.forescout.com using your login credentials. The KnowledgeBase articles also have links to the Forescout Security Advisory for your reference.
In case of any questions please contact [email protected] this Alert in whole or in part is strictly forbidden.
THIS NOTIFICATION IS PROVIDED ON AN “AS IS” BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION IN THIS ALERT OR MATERIALS LINKED FROM THIS ALERT IS AT YOUR OWN RISK. FORESCOUT RESERVES THE RIGHT TO CHANGE OR UPDATE THIS ALERT AT ANY TIME.
© 2018. Forescout Technologies, Inc. is a privately held Delaware corporation. Forescout, the Forescout logo, ControlFabric, CounterACT Edge, ActiveResponse and CounterACT (as applicable) are trademarks or registered trademarks of Forescout. Other names mentioned may be trademarks of their respective owners.