Is the Web Gateway vulnerable to Meltdown or Spectre?

book

Article ID: 170814

calendar_today

Updated On:

Products

Web Gateway

Issue/Introduction

You request to know if the Symantec Web Gateway (SWG) is vulnerable to either Meltdown (CVE-2017-5754) or Spectre(CVE-2017-5753 or CVE-2017-5715).

Resolution

  • These issues are present in Dell hardware hosts and in VMWare environments based on vulnerable processors. 
  • Within the operating system of the SWG software, these three issues are not exploitable. To exploit these flaws, an attacker must locally compromise the system and execute malicious code. Symantec Web Gateway is delivered to market with security hardening which prevents local logon and the execution of non-Symantec code.*
  • In a VMWare environment the issue is exploitable from other virtual guests. While an attack could not be launched from SWG Virtual Edition, an attacking guest on the same virtual host as SWG Virtual Edition could read the memory space of SWG. To fully protect against this possibility, please patch the physical host stack, VMWare host operating system, and the operating system of each guest.
  • Dell may issue firmware/microcode patches of their own.  Check support.dell.com for the Dell hardware model in use.

*Note: As of December 7th 2017, Web Gateway has reached the End of Standard Support milestone and begins the Partial Support phase.

During Partial Support, Symantec will not develop new patches or bug fixes to address vulnerabilities and will not escalate issues to management or to engineering for assistance. Symantec will continue to release database updates for malware, antivirus, and content definitions when needed.  Please see http://www.symantec.com/docs/ALERT2504 for additional information regarding SWG Partial Support.

 

Symantec is not responsible for content published on the websites of other companies. The following links are provided as reference for the convenience of our SWG customers.

  • Title: Dell.com: Microprocessor Side-Channel Vulnerabilities (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on Dell EMC products (Dell Enterprise Servers, Storage and Networking)
    URL: http://www.dell.com/support/article/us/en/19/sln308588/microprocessor-side-channel-vulnerabilities-cve-2017-5715-cve-2017-5753-cve-2017-5754-impact-on-dell-emc-products-dell-enterprise-servers-storage-and-networking-?lang=e
  • Title: VMWare.com: VMware Response to Speculative Execution security issues, CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 (aka Spectre and Meltdown) (52245)
    URL: https://kb.vmware.com/s/article/52245