Control Compliance Suite Vulnerability Manager (CCS-VM) adds new audits to detect processor chip vulnerabilities - Meltdown and Spectre

book

Article ID: 170784

calendar_today

Updated On:

Products

Control Compliance Suite Vulnerability Manager

Issue/Introduction

Your computer’s memory could be vulnerable to unauthorized access. 

Cause

Two new processor chip vulnerabilities Meltdown and Spectre have been discovered. These permit attackers to gain unauthorized access to your computer’s memory.

Spectre affects all modern processors, including those designed by Intel, AMD and ARM.

Meltdown affects only Intel chips manufactured since 1995 except for Itanium and Atom chips made before 2013.

Resolution

Symantec Control Compliance Suite Vulnerability Manager has added new audits that allow customers to run assessments across the IT assets to detect the vulnerable assets. These audits have updates to check for the vendor patches as well.

Symantec Control Compliance Suite has been tested and it is found that the vulnerabilities Meltdown and Spectre have no functional impact on the CCS product or any of it’s components.