Meltdown and Spectre Situation Update :
- Can I apply the OS vendor patches which provide mitigation for Meltdown and Spectre and continue to use CCS without any problems?
- CCS has been validated with the OS patches to validate that these patches have no impact on CCS/ESM functionality. At this point, there is no impact to any functionality of CCS/ESM from these patches.
We will continue to monitor as new OS patches are released to ensure CCS functionality is not impacted by any of these patches
- Does Symantec Control Compliance Suite Vulnerability Manager provide support for the Meltdown and Spectre vulnerabilities?
- Symantec Control Compliance Suite Vulnerability Manager has added new audits that allows customers to run assessment across the IT assets to detect the vulnerable assets. These audits have updates for the vendor patches releases as well.
The following audit ID's are released in audit revision 3354 for Control Compliance Suite Vulnerability Manager so you can scan the machine fro possible vulnerability:
- 67111 Microsoft Cumulative Security Update for Internet Explorer - Jan 2018 OOB
- 67110 Microsoft Security Update for Windows - Jan 2018 OOB - 2012
- 67109 Microsoft Security Update for Windows - Jan 2018 OOB - 8.1 / 2012R2
- 67108 Microsoft Security Update for Windows - Jan 2018 OOB - 7 / 2008R2
- 67107 Microsoft Security Update for Windows 10 - Jan 2018 OOB
- 67105 SUSE-SU-2018:0006-1 - Security update for ucode-intel
- 67104 SUSE-SU-2018:0007-1 - Security update for qemu
- 67103 SUSE-SU-2018:0008-1 - Security update for kernel-firmware
- 67101 RHSA-2018:0013 - microcode_ctl security update
- 67100 RHSA-2018:0012 - microcode_ctl security update
- 67099 RHSA-2018:0011 - kernel security update
- 67098 RHSA-2018:0010 - kernel security update
- 67097 RHSA-2018:0009 - kernel security update
- 67096 RHSA-2018:0008 - kernel security update
- 67095 RHSA-2018:0007 - kernel security update
- 67091 - Apple macOS < 10.13.2 - Multiple Vulnerabilities (HT208331) - 10.13