Control Compliance Suite, Meltdown and Spectre situation update

book

Article ID: 170763

calendar_today

Updated On:

Products

Control Compliance Suite Vulnerability Manager Control Compliance Suite Windows

Issue/Introduction

Meltdown and Spectre vulnerabilities have been patched and there are questions whether this will affect Control Compliance Suite (CCS).

You are wondering if there is a way to detect Meltdown and Spectre vulnerabilities using CCS suite components.

 

 

Cause

Spectre and Meltdown OS patches applied.

 

Environment

Control Compliance Suite (CCS) 11.x and 12.x

Enterprise Security Manager (ESM) 11.x and 12.x

 

Resolution

Meltdown and Spectre Situation Update :

  • Can I apply the OS vendor patches which provide mitigation for Meltdown and Spectre and continue to use CCS without any problems?
    • CCS has been validated with the OS patches to validate that these patches have no impact on CCS/ESM functionality. At this point, there is no impact to any functionality of CCS/ESM from these patches.

We will continue to monitor as new OS patches are released to ensure CCS functionality is not impacted by any of these patches

  • Does Symantec Control Compliance Suite Vulnerability Manager provide support for the Meltdown and Spectre vulnerabilities?
    • Symantec Control Compliance Suite Vulnerability Manager has added new audits that allows customers to run assessment across the IT assets to detect the vulnerable assets. These audits have updates for the vendor patches releases as well. 

The following audit ID's are released in audit revision 3354 for Control Compliance Suite Vulnerability Manager so you can scan the machine fro possible vulnerability:

  • 67111    Microsoft Cumulative Security Update for Internet Explorer - Jan 2018 OOB
  • 67110    Microsoft Security Update for Windows - Jan 2018 OOB - 2012
  • 67109    Microsoft Security Update for Windows - Jan 2018 OOB - 8.1 / 2012R2
  • 67108    Microsoft Security Update for Windows - Jan 2018 OOB - 7 / 2008R2
  • 67107    Microsoft Security Update for Windows 10 - Jan 2018 OOB
  • 67105    SUSE-SU-2018:0006-1 - Security update for ucode-intel
  • 67104    SUSE-SU-2018:0007-1 - Security update for qemu
  • 67103    SUSE-SU-2018:0008-1 - Security update for kernel-firmware
  • 67101    RHSA-2018:0013 - microcode_ctl security update
  • 67100    RHSA-2018:0012 - microcode_ctl security update
  • 67099    RHSA-2018:0011 - kernel security update
  • 67098    RHSA-2018:0010 - kernel security update
  • 67097    RHSA-2018:0009 - kernel security update
  • 67096    RHSA-2018:0008 - kernel security update
  • 67095    RHSA-2018:0007 - kernel security update
  • 67091 - Apple macOS < 10.13.2 - Multiple Vulnerabilities (HT208331) - 10.13