Impact of Meltdown or Spectre vulnerability on Endpoint Detection and Response

Article ID: 170741


Products

Endpoint Detection and Response, Advanced Threat Protection Platform

Issue/Introduction

You need to know whether Symantec Endpoint Detection and Response (EDR) or Advanced Threat Protection (ATP) is vulnerable to Meltdown (CVE-2017-5754) or Spectre (CVE-2017-5753 or CVE-2017-5715).

Resolution

  1. These issues are present in Dell hardware (8840/8880) and in VMware environments based on vulnerable processors.
     
  2. Within the operating system of ATP/EDR, these three issues are not exploitable. To exploit these flaws, an attacker must locally compromise the system and execute malicious code.
    ATP is delivered to market with security hardening which prevents execution of non-Symantec code.
     
  3. In a VMware environment, the issue is exploitable from other virtual guests. While an attack could not be launched from ATP Virtual Edition, an attacking guest on the same virtual host as ATP Virtual Edition could read the memory space of ATP Platform.
    To fully protect against this possibility, patching the physical host stack, the VMware host operating system, and the operating system of each guest is required.
     
  4. ATP Platform v3.0.5 includes OS patches for these two issues. The OS patches resolve #1 and #2, and provide the guest part of the solution for #3.
     
  5. To mitigate the vulnerabilities on ATP hardware, refer to the Dell article below:
    Meltdown/Spectre (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) impact on Dell Products

 

Note: The Dell appliances (8840 and 8880) are not supported from EDR build 4.10 onwards.
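
Item 3 requires the operating system of each guest on the shared host to be patched. The following is an added example, not Symantec or Dell code: a shell function for Linux guests that reads the kernel's per-issue status files and maps them to the three CVEs above. It assumes a guest kernel that exposes /sys/devices/system/cpu/vulnerabilities; the function names and the OK/VULNERABLE/UNKNOWN labels are chosen for this example.

```shell
#!/bin/sh
# Added example: report the Meltdown/Spectre status of a Linux guest kernel.
# Kernels carrying the January 2018 fixes (or later) expose one status file
# per issue in this sysfs directory.
SYSFS_DIR=/sys/devices/system/cpu/vulnerabilities

# classify_status FILE -> prints OK, VULNERABLE or UNKNOWN
classify_status() {
    if [ ! -r "$1" ]; then
        # No status file: the kernel predates the reporting interface,
        # so its patch state cannot be confirmed from here.
        echo UNKNOWN
        return
    fi
    case "$(cat "$1")" in
        "Not affected"*|"Mitigation:"*) echo OK ;;
        "Vulnerable"*)                  echo VULNERABLE ;;
        *)                              echo UNKNOWN ;;
    esac
}

# check_guest [DIR] -> prints one line per CVE; returns 0 only if all are OK.
# DIR defaults to the live sysfs path; pass another directory to test.
check_guest() {
    dir=${1:-$SYSFS_DIR}
    rc=0
    for pair in CVE-2017-5754:meltdown \
                CVE-2017-5753:spectre_v1 \
                CVE-2017-5715:spectre_v2; do
        cve=${pair%%:*}      # text before the colon
        file=${pair#*:}      # sysfs file name after the colon
        state=$(classify_status "$dir/$file")
        detail=$(cat "$dir/$file" 2>/dev/null || echo "no status file")
        printf '%s (%s): %s [%s]\n' "$cve" "$file" "$state" "$detail"
        [ "$state" = OK ] || rc=1
    done
    return $rc
}

# On the guest being verified:
#   check_guest || echo "guest kernel still needs patching"
```

The result covers the guest kernel only; the physical host stack and the VMware host operating system named in item 3 have to be verified separately.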
