A10 Networks |
SPECTRE/MELTDOWN - CVE-2017-5715/5753/5754 |
A56 Informatique |
Infrastructure VMWare et failles « Spectre » et « Meltdown » |
AbacusNext |
AbacusNext Research and Statement on Meltdown / Spectre |
ABB |
ABB Doc Id 9AKK107045A8219: Cyber Security Notification - Meltdown & Spectre |
Abbott |
Cybersecurity Update on Meltdown and Spectre |
Accenture |
Accenture Security Cyber Advisory Processor Chip Design Vulnerabilities
脆弱性「Meltdown」「Spectre」最新のサイバー攻撃事例と、企業・組織を守るための実践的なステップを紹介します。 |
Acer |
Answer ID 53104: Meltdown and Spectre security vulnerabilities |
Acronis |
KB 60847: Acronis Access Advanced: Spectre and Meltdown vulnerabilities |
ADP |
Information Regarding Meltdown and Spectre Vulnerabilities |
Adtran |
ADTRAN Spectre and Meltdown Attack Advisory (ADTSA-2018001) REV E |
Aerohive |
Product Security Announcement: Aerohive's response to Meltdown and Spectre |
AgileBits |
Same as it ever was: There’s no reason to melt down |
AhnLab |
[Notice] Security Alert for Intel CPU Flaw |
Aiven |
Aiven statement on Meltdown and Spectre vulnerabilities |
Akamai |
Impact of Meltdown and Spectre on Akamai |
Algolia |
The Meltdown and Spectre impact on Algolia infrastructure |
Alibaba Cloud |
[Security Bulletin] Intel Processor Meltdown and Specter Security Vulnerability Bulletin |
Altaro |
The Actual Performance Impact of Spectre/Meltdown Hyper-V Updates
|
Amazon (AWS) |
AWS-2018-013: Processor Speculative Execution Research Disclosure |
AMD |
An Update on AMD Processor Security
Managing Speculation on AMD Processors |
American Megatrends |
American Megatrends Statement in Response to “Meltdown” and “Spectre” Security Vulnerabilities |
Android (Google) |
Android Security Bulletin—January 2018 |
Apache |
Protecting Apache Ignite from 'Meltdown' and 'Spectre' vulnerabilities |
APC |
|
Appalachia Technologies |
Spectre + Meltdown |
Apple
|
HT208331: About the security content of macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan
HT208394: About speculative execution vulnerabilities in ARM-based and Intel CPUs
HT208403: About the security content of Safari 11.0.2 |
Aptible |
Meltdown and Spectre are Critical Vulnerabilities for Cloud Infrastructure. Here’s How the Aptible Security Team Responded |
Arca Noae (OS/2) |
Policy statement concerning Spectre and Meltdown exploits |
Arcabit |
Spectre i Meltdown - Arcabit i mks_vir kompatybilne z poprawkami Microsoft |
ArchLinux |
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754
|
Arista Networks |
Security Advisory 0031: Arista Products vulnerability report |
ARM |
Vulnerability of Speculative Processors to Cache Timing Side-Channel Mechanism
Cache Speculation Side-channels whitepaper
ARM Trusted Firmware Security Advisory TFV 6
Compiler support for mitigations
Arm64 KPTI Kernel Patches |
Aruba Networks |
ARUBA-PSA-2018-001: Unauthorized Memory Disclosure through CPU Side-Channel Attacks ("Meltdown" and "Spectre") |
Aspera |
Security Bulletin: Aspera Products and the Meltdown and Spectre vulnerabilities (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) |
ASRock |
ASRock New Bios Update For Speculated System Vulnerability
New BIOS for Intel SA-00088 security update
FAQ ID 33: What is Meltdown and Spectre issue
ASRock Support: Latest BIOS Update
|
ASUS |
ASUS Motherboards Microcode Update for Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method
ASUS Update on Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method |
Asustor |
ASUSTOR responds to Intel Meltdown and Spectre vulnerabilities
因應 Intel Meltdown 與 Spectre 安全漏洞,華芸釋出ADM 3.0.5 韌體與AS6302T / AS6404T的 BIOS更新 |
Atlassian |
Update on Meltdown and Spectre processor vulnerabilities
Hipchat Data Center release notes: Hipchat Data Center 3.1.3 - January 22nd 2018 - Production channel
Hipchat Server Release Notes: Hipchat Server 2.2.8 - January 15th, 2018 |
Auth0 |
Meltdown & Spectre: What Auth0 Customers Need to Know |
Autodesk |
Autodesk Vault and the "Meltdown" and "Spectre" vulnerabilities
Autodesk Vault und dem meltdown" und "spectre" Schwachstellen
Autodesk Vault et arborescence du "spectre meltdown vulnérabilités" et de"
Autodesk Vault e il "e" meltdown spectre" Vulnerabilities
Autodesk Vault 및 "Meltdown" 및 "Spectre" 보안
Autodesk Vault и "Meltdown" и "Spectre" уязвимости |
Avast |
Avast Antivirus compatibility with Windows update for Meltdown and Spectre vulnerabilities |
Avaya |
ASA-2018-001: linux-firmware security update (RHSA-2018-0007)
ASA-2018-002: linux-firmware security update (RHSA-2018-0013)
ASA-2018-004: linux-firmware security update (RHSA-2018-0012)
ASA-2018-005: linux-firmware security update (RHSA-2018-0008)
ASA-2018-006: linux-firmware security update (RHSA-2018-0014)
ASA-2018-011: VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution. (VMSA-2018-0002) |
AVG |
AVG Antivirus compatibility with Windows update for Meltdown and Spectre vulnerabilities |
Avira |
Don’t be afraid of a ‘Meltdown’ with the new Microsoft update
Answer 71132: Is Avira Antivirus compatible with the new Microsoft patch for the Meltdown vulnerability? |
AVM |
Aktuelle Sicherheitshinweise: Meltdown und Spectre – keine Angriffsmöglichkeit bei AVM-Produkten |
Azure (Microsoft) |
Securing Azure customers from CPU vulnerability Microsoft Cloud Protections Against Speculative Execution Side-Channel Vulnerabilities
Guidance for mitigating speculative execution side-channel vulnerabilities in Azure |
Barkly |
The Meltdown and Spectre CPU Bugs, Explained |
Barracuda Networks |
Barracuda Networks Security Advisory |
BD |
Product Security
Product security bulletin for Meltdown and Spectre
Product security bulletin for Meltdown and Spectre Update 1 |
Beckman Coulter |
Meltdown/Spectre Processor Chip Vulnerability |
BerganKDV |
Security Alert: Meltdown and Spectre Hardware Bugs Put Nearly All Devices at Risk |
BitDefender |
2072: Understanding the impact of Meltdown and Spectre CPU exploits on Bitdefender GravityZone users
9033: Information for Bitdefender users on the Microsoft January 2018 Security Update |
Bitnami |
Spectre and Meltdown: Privileged memory read vulnerability in several CPUs (Reading privileged memory with a side-channel) |
BlackBerry |
Article Number: 000047401 BlackBerry powered by Android Security Bulletin – January 2018 (see CVE-2017-13218) |
BMC |
CPU Vulnerabilities - Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715)
Update: CPU Vulnerabilities - Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715)
|
Bomgar |
Bomgar and the latest CVEs |
Box |
The Meltdown and Spectre CPU vulnerabilities: What you need to know as a Box customer
Update: The Meltdown and Spectre CPU vulnerabilities: What you need to know as a Box customer |
BrightSign |
Security Statement: Meltdown and Spectre Vulnerabilities |
brightsolid |
Processor Vulnerability Advice |
Broadcom |
Emulex Connectivity Division Security Advisory: Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method Vulnerabilities (Spectre, Meltdown) |
Bromium |
Important information relating to the Intel CPU design flaw |
Buffalo |
CPU -Vulnerability(CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 |
BullGuard |
Intel, ARM and AMD chip flaws - Advice |
CA Technologies |
DOC-231179418: Meltdown / Spectre vulnerabilities - Workload Automation AE / DE / Agents Advisory
TEC1272616: Addressing the Spectre and Meltdown Vulnerabilities (CVE-2017-5754, CVE-2017-5753, CVE-2017-5715) for the API Management Product Suite
Official announcement on Meldown/Spectre |
Canon |
Regarding the CPU vulnerabilities Meltdown and Spectre |
Capsule8 |
Part One: Detecting Meltdown using Capsule8
Part Two: Detecting Meltdown and Spectre by Detecting Cache Side Channels |
Carbon Black |
Carbon Black Solutions Currently Compatible With Major OS Vendor Patches on Meltdown & Spectre |
Catalyst |
Spectre and Meltdown - security advisory |
CentOS |
CESA-2018:0007 Important CentOS 7 kernel Security Update
CESA-2018:0008 Important CentOS 6 kernel Security Update
CESA-2018:0012 Important CentOS 7 microcode_ctl Security Update
CESA-2018:0013 Important CentOS 6 microcode_ctl Security Update
CESA-2018:0014 Important CentOS 7 linux-firmware Security Update |
Check Point |
sk122205: Check Point Response to Meltdown and Spectre (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) |
Chromium |
Actions Required to Mitigate Speculative Side-Channel Attack Techniques
Status of mitigations for CVE-2017-5754 (Meltdown) for each Chrome OS device |
Cisco |
cisco-sa-20180104-cpusidechannel - CPU Side-Channel Information Disclosure Vulnerabilities
Alert ID 56354: CPU Side-Channel Information Disclosure Vulnerabilities |
Citrix |
CTX231399: Citrix Security Updates for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 |
ClearOS |
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754 |
Cloud Foundry |
Meltdown and Spectre Attacks |
Commvault |
Security: Meltdown and Spectre Chip Vulnerability |
Comodo |
Meltdown and Spectre – Serious Vulnerabilities Which Affect Nearly Every Computer and Device |
ConnectWise |
Meltdown and Spectre Sparks Fire for Immediate OS Patch |
Contegix |
Our Response to Meltdown and Spectre |
CoreOS |
Container Linux patched to address Meltdown vulnerability |
Couchbase |
Speculative Execution Processor Vulnerabilities – ‘Meltdown and Spectre’: What you need to know |
cPanel |
Meltdown - CVE-2017-5753 CVE-2017-5715 CVE-2017-5754 |
Crestron |
Answer ID 5471: The latest details from Crestron on security and safety on the Internet |
Cumulus Networks |
Meltdown and Spectre: Modern CPU Vulnerabilities
Cumulus Networks® Security Advisory 2018-January-4
|
CyberAdapt |
The Spectre of a Meltdown: |
Cybereason |
What are the Spectre and Meltdown CPU vulnerabilities |
Cylance |
Meltdown and Spectre Vulnerabilities (account required)
Cylance Not Impacted by Meltdown or Spectre Vulnerabilities |
Cyren |
IMPORTANT - Hotfix 2018-01 for F-PROT and CSAM |
Dahua Technology |
Security Notice 331 – information on critical vulnerabilities, Meltdown and Spectre, affecting CPU processors |
Datto |
Partner Meltdown Security Update |
Debian |
Debian Security Advisory DSA-4078-1 linux -- security update |
Deep Instinct |
Deep Instinct Announces it is Not Impacted by Meltdown or Spectre Vulnerabilities |
Dell |
Meltdown and Spectre Vulnerabilities
SLN308587 - Microprocessor Side-Channel Attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on Dell products
SLN308588 - Microprocessor Side-Channel Attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on Dell EMC products (Dell Enterprise Servers, Storage and Networking)
SLN308615 - Microprocessor Side-Channel Vulnerabilities “Meltdown” and “Spectre” (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on Dell Data Security Solutions |
Dell EMC |
DOCU87480: Technical Documentation
Cloud for Microsoft Azure Stack 1712 Patch and Update Guide
DOCU85636: EMC Secure Remote Services 3.26.10.06 Common Vulnerabilities and Exposures (CVE) Identifiers List |
Deloitte |
Análisis Gestión de vulnerabilidad Meltdown & Spectre
Kurz und knapp: Spectre & Meltdown |
DFI |
DFI Update of Intel Security Vulnerabilities Issue |
Digi |
Spectre and Meltdown Vulnerabilities - (CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754) |
Digital Ocean |
A Message About Intel Security Findings
How To Protect Your Server Against the Meltdown and Spectre Vulnerabilities |
DocuSign |
Update 1/4/2018 – DocuSign Meltdown and Spectre Security Alert Status
Update 1/12/2018 – DocuSign Meltdown and Spectre Response Status |
Draeger |
Dräger Product Security Advisory 201801: Meltdown and Spectre Vulnerabilities |
Dragonfly BSD |
Intel Meltdown bug mitigation in master
More Meltdown fixes |
Drupal |
Drupal.org Updates - Mitigating the risks of Spectre and Meltdown
Addressing meltdown/spectre in Drupal |
Druva |
Troubleshooting Spectre and Meltdown |
Duo Security |
Article 4612: Is Duo affected by the recent Spectre or Meltdown vulnerabilities? |
Edificom |
Meltdown and Spectre Vulnerabilities |
EFI |
Tech Note 5558: Intel CPU Security Vulnerabilities: Spectre, Meltdown |
Elastic |
Elastic Cloud and Meltdown |
Electro Rent |
Information regarding “Meltdown and Spectre” CPU vulnerabilities |
Emerson |
Meltdown and Spectre Vulnerabilities (account required) |
Emsisoft |
Chip vulnerabilities and Emsisoft: What you need to know |
Endgame |
Endgame Is Compatible with the Spectre/Meltdown Patches |
Ensilo |
Frequently Asked Questions: Spectre & Meltdown |
Epic Games |
Epic Services & Stability Update |
ESET |
ESET Customer Advisory 2018-001: Spectre and Meltdown Vulnerabilities Discovered
ESET Knowledgebase Article 6662: Best practices against the Spectre and Meltdown vulnerabilities
ESET Support News 6657: ESET Endpoint Security and ESET Endpoint Antivirus version 6.6.2072.2 and 6.5.2118.2 have been released
ESET Support News 6658: ESET Cyber Security Pro and ESET Cyber Security version 6.5.600.2 have been released
ESET Newsroom: Meltdown & Spectre: How to protect yourself from these CPU security flaws
ESET We Live Security: MADIoT – The nightmare after XMAS (and Meltdown, and Spectre) |
ESTsecurity |
인텔 CPU 취약점(Meltdown&Spectre) 분석 및 이스트시큐리티 대응상황 |
EVGA |
X299 BIOS Updates with Pre/Post Spectre updates
Z170 BIOS Update with Spectre updates
Z270 BIOS Update with Spectre updates
Z370 BIOS Updates with Pre/Post Spectre updates |
ExtraHop |
Spectre and Meltdown attacks |
Extreme Networks |
Meltdown and Spectre (VN 2017-001 & VN 2017-002)
VN 2018-001 (CVE-2017-5715, CVE-2017-5753 - Spectre)
VN 2018-002 (CVE-2017-5754 - Meltdown) |
F5 Networks |
K91229003: Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754 |
Faronics |
KB 435: Faronics Antivirus and Microsoft updates from January 3, 2018 (Spectre / Meltdown) |
Fasthosts |
Answer ID 3136: Mitigating Meltdown and Spectre - Linux |
Fedora |
Protect your Fedora system against Meltdown |
Fifty Seven Network |
Meltdown, Spectre, and Smartsheet |
FireEye |
FireEye Endpoint Security Agent is Compatible with the Meltdown Windows Security Update |
Forcepoint |
Forcepoint Updates on Spectre and Meltdown
KB000014933: Meltdown and Spectre Vulnerability CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 |
ForeScout |
Meltdown and Spectre CPU Vulnerabilities |
Fortinet |
Fortinet Advisory on New Spectre and Meltdown Vulnerabilities |
Foundation IT |
Meltdown and Spectre Exploits |
FreeBSD |
FreeBSD News Flash
Response to Meltdown and Spectre |
Fujitsu |
CPU hardware vulnerable to side-channel attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
Side-Channel Analysis Method: (Spectre & Meltdown) Security Review |
G DATA |
"Meltdown" and "Spectre": researchers discover severe CPU bugs |
Gandi |
Meltdown and Spectre vulnerabilities |
Gemalto |
Meltdown and Spectre microprocessor vulnerabilities |
General Electric |
ID 000020832 (account required) |
Gentoo Linux |
Bug 643340 (CVE-2017-5753) - [TRACKER] hw: cpu: speculative execution bounds-check bypass (CVE-2017-5753)
Bug 643342 (CVE-2017-5715) - [TRACKER] hw: cpu: speculative execution branch target injection (CVE-2017-5715)
Bug 643344 (CVE-2017-5754) - [TRACKER] hw: cpu: speculative execution permission faults handling (CVE-2017-5754) |
Getac |
Getac’s Statement on Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method |
GFI |
GFI LanGuard - Security flaws "Meltdown" and "Spectre" affecting CPU |
Gigabyte |
BIOS update for Side Channel Analysis Security issue Mitigations |
Google |
Google Project Zero: Reading Privileged Memory with a Side-Channel
Google’s Mitigations Against CPU Speculative Execution Attack Methods |
Heroku |
Meltdown and Spectre Security Update |
Hetzner Online |
Spectre and Meltdown |
Hikvision |
SNNo: HSRC-201801-08 - Statement on the Meltdown and Spectre Vulnerabilities in the Intel CPU Architecture Design
|
Hitachi |
Hitachi Storage Solutions: Notice on "side channel attack to the CPUs with speculative execution function"
Hitachi Vantara: Support Information: CVE Security Notices (account required) |
Honeywell |
Meltdown and Spectre Vulnerabilities |
HP |
Document ID: c05869091: HPSBHF03573 rev. 2 - Side-Channel Analysis Method |
HPE |
Side Channel Analysis Method allows information disclosure in Microprocessors (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
HPESBHF03805 - Certain HPE products using Microprocessors from Intel, AMD, and ARM, with Speculative Execution, Elevation of Privilege and Information Disclosure.
a00039267en_us: Bulletin: (Revision) HPE ProLiant, Moonshot and Synergy Servers - Side Channel Analysis Method Allows Improper Information Disclosure in Microprocessors (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
a00039784en_us: Advisory: (Revision) ProLiant Gen8, Gen9 and Gen10 Series Servers - CUSTOMER ACTION REQUIRED: Some System ROMs That Addressed the Side Channel Analysis Vulnerability Have Been Removed from the HPE Download Site |
Huawei |
Security Notice - Statement on the Media Disclosure of the Security Vulnerabilities in the Intel CPU Architecture Design |
iBASE |
Notice - Meltdown and Spectre Security Vulnerabilities |
IBM |
Potential CPU Security Issue
Potential Impact on Processors in the POWER Family
IBM Security Security Bulletin: IBM has released AIX and VIOS iFixes in response to the vulnerabilities known as Spectre and Meltdown.
Central Processor Unit (CPU) Architectural Design Flaws
Central Processor Unit (CPU) Architectural Design Flaws
Central Processor Unit (CPU) Architectural Design Flaws - additional guidance for Db2 customers
IBM MQ Advice Regarding Operating System Security Patches for Spectre and Meltdown
Action required for IBM MQ on AWS Quick Start for security vulnerabilities in Ubuntu.
QRadar Meltdown/Spectre CVEs support considerations
Security Bulletin 2012718: IBM StoredIQ is affected by the vulnerabilities known as Spectre and Meltdown.
Security Bulletin T1026811: This Power firmware update is being released to address Common Vulnerabilities and Exposures issue numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754 (known as Spectre and Meltdown)
Security Bulletin T1026831: IBM Cloud Manager is affected by the vulnerabilities known as Spectre and Meltdown
Security Bulletin T1026905: Potential CPU security issue with IBM System x, Flex and BladeCenter Systems
Security Bulletin T1026912: IBM has released AIX and VIOS iFixes in response to the vulnerabilities known as Spectre and Meltdown.
Security Bulletin N1022433: IBM has released PTFs in response to the vulnerabilities known as Spectre and Meltdown |
IGEL |
IGEL Furthers Product Security with Meltdown and Spectre Fix |
Igloo Software |
Security Alerts |
Ikarus |
Two far-reaching vulnerabilities discovered in all modern CPUs. Some updates are available
Zwei weitreichende Sicherheitslücken in allen modernen CPUs entdeckt. Einige Updates sind bereits verfügbar.
Update zum Thema Meltdown & Spectre |
Imperva |
Imperva Security Response to “Meltdown” and “Spectre” Exploits (Side-Channel Attacks to CPU privileged memory) |
Infor |
A message to our customers about the Meltdown and Spectre vulnerabilities |
Inmotion Hosting |
UPDATE (Jan 12, 2018): Spectre and Meltdown |
Intego |
Meltdown and Spectre: What Apple Users Need to Know |
Intel |
Side-Channel Attacks - Vulneratiliby Analysis< News, and Updates
INTEL-SA-00088 Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method
INTEL-SA-00088 for Intel NUC, Intel Compute Stick, and Intel Compute Card
INTEL-SA-00088 for Intel Server Boards, Intel Server Systems, and Intel Server Accessories
INTEL-OSS-10002: Speculative Execution Branch Prediction Side Channel and Branch Prediction Analysis Method
INTEL-OSS-10003: Speculative Execution Data Cache and Indirect Branch Prediction Method Side Channel Analysis
DOC 336996-001: Speculative Execution Side Channel Mitigations
Intel Analysis of Speculative Execution Side Channels
Microcode Revision Guidance
Security Exploits and Intel Products
Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners
Security Issue Update: Progress Continues on Firmware Updates |
Ivanti |
DOC-65669: Ivanti Device and Application Control (formerly HEAT Endpoint Security) compatibility with Microsoft patches for Meltdown/Spectre |
Jiangmin |
江民科技发布:CPU漏洞分析报告及解决方案 |
Johnson & Johnson |
January 12, 2017 - Product Security Notification for Meltdown and Spectre |
Johnson Controls |
Meltdown and Spectre Vulnerabilities |
Joyent |
(UPDATED 22-Jan-2018) Security Advisory: Intel Security Findings: "Meltdown" and "Spectre" |
Juniper |
JSA10842: 2018-01 Out of Cycle Security Bulletin: Meltdown & Spectre: CPU Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method |
K7 Computing |
K7 Products are Compatible with Meltdown & Spectre Patches! |
Kaseya |
Meltdown and Spectre FAQs |
Kaspersky Lab |
Kaspersky Lab Daily January 4, 2018: Two severe vulnerabilities found in Intel’s hardware
ID: 14042: Compatibility of Kaspersky Lab solutions with the Microsoft Security update of January 3, 2018 |
KEMP Technologies |
Meltdown and Spectre (CVE-2017-5754 & CVE-2017-5753) |
KNOPPIX |
Sicherheitslücke in allen aktuellen Prozessoren Meltdown und Spectre |
Konica Minolta |
Spectre and Meltdown CPU Vulnerabilities and Konica Minolta MFPs |
Kyocera |
Kyocera Document Solutions Europe Update - Spectre meltdown Whitepaper |
LANCOM Systems |
Allgemeine Sicherheitshinweise: Spectre und Meltdown: LANCOM Geräte sind nicht betroffen |
Lansweeper |
Windows Meltdown-Spectre patches: Preliminary report
Discover devices vulnerable to the Meltdown CPU flaw
Meltdown and Spectre |
Lenovo |
Lenovo Security Advisory LEN-18282: Reading Privileged Memory with a Side Channel |
Lime Technology |
unRAID Server OS 6.4.0 Released |
Linode |
CPU Vulnerabilities: Meltdown & Spectre |
Linux Mint |
Security notice: Meltdown and Spectre |
Liquid Web |
Here Is What You Need to Know About Meltdown and Spectre |
Littlefish |
Meltdown & Spectre Security Vulnerabilities |
LLVM |
D41723: Introduce the "retpoline" x86 mitigation technique for variant #2 of the speculative execution vulnerabilities
D41760: Introduce __builtin_load_no_speculate
D41761: Introduce llvm.nospeculateload intrinsic
|
Mageia Linux |
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754 |
Malwarebytes |
DOC-2297: Meltdown and Spectre Vulnerabilities - what you should do to protect your computer |
ManageEngine |
Meltdown and Spectre: Battling the bugs in Intel, AMD, and ARM processors
MS18-JAN5: Prerequisite Handler for Meltdown and Spectre |
McAfee |
TS102769: Microsoft Security Update January 2018 (Meltdown and Spectre) and McAfee consumer products
KB90167: Meltdown and Spectre – McAfee Business and Enterprise Product Compatibility Update |
Medtronic |
Security Updates: Spectre/Meltdown (Jan. 19, 2018) |
Micro Focus |
KB7022526: Advanced Authentication and Meltdown and Spectre Vulnerabilities
KB7022558: iPrint Appliance and Meltdown / Spectre vulnerabilities (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)
KB7022571: Spectre and Meltdown Vulnerabilities on Service Desk Appliance
KB7022572: Spectre and Meltdown Vulnerabilities on ZENworks and ZENworks Reporting Appliances
KB7022578: Meltdown and Spectre CVE-2017-5754, CVE-2017-5753, and CVE-2017-5715
KB7022589: Recommendations for Meltdown and Spectre Vulnerability for PlateSpin products. |
Microlease |
Information regarding “Meltdown and Spectre” CPU vulnerabilities |
Microsoft |
Security Advisory 180002: Guidance to mitigate speculative execution side-channel vulnerabilities
KB4056890: Windows 10 Update (OS Build 14393.2007)
KB4072698: Windows Server guidance to protect against speculative execution side-channel vulnerabilities
KB4072699: Important information regarding the Windows security updates released on January 3, 2018 and anti-virus software
KB4073065: Surface Guidance to protect against speculative execution side-channel vulnerabilities
KB4073119: Windows Client guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
KB4073225: SQL Server Guidance to protect against speculative execution side-channel vulnerabilities
KB4073757: Protect your Windows devices against Spectre and Meltdown
KB4090007: Intel microcode updates
KB4093836: Summary of Intel microcode pdates
Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer
Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems
Protecting guest virtual machines from CVE-2017-5715 (branch target injection)
SpeculationControl module provides the ability to query the speculation control settings for the system.
Update on Spectre and Meltdown security updates for Windows devices |
MicroWorld Technologies |
Meltdown and Spectre – CPU Vulnerabilities |
Mitel |
Mitel Product Security Advisory 18-0001: Side-Channel Analysis Vulnerabilities |
Mozilla |
Mozilla Foundation Security Advisory 2018-01: Speculative execution side-channel attack ("Spectre") |
MSI |
MSI pushes out motherboard BIOS updates to tackle recent security vulnerabilities |
myAirWatch |
Security Vulnerability: CVE-2017-5753, CVE-2017-5715 (Spectre), and CVE-2017-5754 (Meltdown) |
NANO Security |
Совместимость с обновлением безопасности, закрывающим уязвимости Spectre и Meltdown |
NetApp |
NTAP-20180104-0001: Processor Speculated Execution Vulnerabilities in NetApp Products |
Netgate |
An update on Meltdown and Spectre |
Netgear |
PSV-2018-0005: Security Advisory for Speculative Code Execution (Spectre and Meltdown) on Some ReadyNAS and ReadyDATA Storage Systems |
Neverware |
Meltdown, Spectre, and CloudReady
UPDATE: CloudReady v61.3 released on all channels of the Home Edition |
Nexsan |
Microprocessor Side-Channel Vulnerabilities Meltdown and Spectre |
Nexusguard |
What are Meltdown and Spectre and How Do They Impact Nexusguard? |
NGINX |
NGINX Response to the Meltdown and Spectre Vulnerabilities |
Nutanix |
Advisory ID nutanix-sa-007-specexvul: Side-Channel Speculative Execution Vulnerabilities January 2018 |
nVidia |
ID 4609: Speculative Side Channels
ID 4610: NVIDIA GeForce Experience Security Updates for CPU Speculative Side Channel Vulnerabilities
ID 4611: NVIDIA GPU Display Driver Security Updates for Speculative Side Channels
ID 1612: NVIDIA DGX Systems - Response to speculative side channels CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754
ID 4613: NVIDIA Shield TV Security Updates for Speculative Side Channels
ID 4614: NVIDIA Shield Tablet Security Updates for Speculative Side Channels
ID 4616: ID: NVIDIA Tegra Jetson TX1 L4T and Jetson TK1 L4T Security Updates for Speculative Side Channels
ID 4617: NVIDIA Jetson TX2 L4T Security Updates for CPU Speculative Side Channel Vulnerabilities |
Nyotron |
Nyotron’s PARANOID is Compatible with Microsoft Patch for Meltdown and Spectre |
Okta |
Security Bulletin: Meltdown and Spectre vulnerabilities |
OnApp |
Meltdown and Spectre CPU Issues |
One Identity |
KB237253: Is Safeguard affected by the Spectre vulnerability (CVE-2017-5753 & CVE-2017-5754) or Meltdown (CVE-2017-5715)? (237253) |
Open Telekom |
Open Telekom Cloud Security Advisory about Processor Speculation Leaks (Meltdown/Spectre) |
OpenBSD |
Meltdown |
OpenGear |
CVE-2017-5754, CVE-2017-5715, CVE-2017-5753 - Meltdown and Spectre CPU Vulnerabilities |
OpenStack |
OpenStack, Spectre and Meltdown: What you need to know |
OpenSUSE |
[Security-Announce] Meltdown and Spectre Attacks |
Optiv Security |
Regarding Spectre and Meltdown |
Oracle |
Oracle Critical Patch Update Advisory - January 2018
Doc ID 2347948.1: Addendum to the January 2018 Critical Patch Update Advisory for Spectre and Meltdown (account required)
Doc ID 2338411.1: January 2018 Critical Patch Update: Executive Summary and Analysis (account required) |
Oracle Linux |
Oracle Linux CVE repository: CVE-2017-5715
Oracle Linux CVE repository: CVE-2017-5753
Oracle Linux CVE repository: CVE-2017-5754 |
OSIsoft |
AL00333 - Meltdown and Spectre: What PI System users need to know about these vulnerabilities |
Outpost24 |
Meltdown and Spectre Vulnerabilities for CPUs |
OVH |
Information about Meltdown and Spectre vulnerability fixes
Find your patch for Meltdown and Spectre |
ownCloud |
After Spectre and Meltdown: Why “Private” means “Performance” |
Packet |
Guide to Meltdown / Spectre CPU Vulnerabilities |
Palo Alto Networks |
Information about Meltdown and Spectre findings (PAN-SA-2018-0001 |
Panasonic |
G18-001: Security information of vulnerability by Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method |
Panda Security |
100059: Important information regarding Meltdown/Spectre and Microsoft Security Advisor ADV180002 |
Parrot |
meltdown/spectre security patches
Parrot 3.11 release notes |
Patchman |
Impending urgent security updates |
Pepperl+Fuchs |
TDOCT-6012_ENG: Security Advisory for Meltdown and Spectre Attacks in HMI Devices |
Philips |
Security Advisory & Archive: Customer information on Meltdown & Spectre Global Security Issue |
Phoenix Contact |
300402819: Security Advisory addressing Meltdown and Spectre vulnerabilities [CVE-2017-5754, CVE-2017-5715, CVE-2017-5753] |
Platform.sh |
Spectre/Meltdown Security Update Notice |
Plesk |
CVE-2017-5715 Spectre vulnerability variant 2
CVE-2017-5753 Spectre vulnerability variant 1
CVE-2017-5754 Meltdown vulnerability |
Polycomm |
SECURITY ADVISORY – Processor based “Speculative Execution” Vulnerabilities AKA "Spectre" and "Meltdown" |
PostgreSQL |
heads up: Fix for intel hardware bug will lead to performance regressions |
Prgmr.com |
Speculative information disclosure
Updates on speculative information disclosure - Thu, 04 Jan 2018
Updates on speculative information disclosure - Tue, 09 Jan 2018 |
Protiviti |
Security Advisory - New Class of Vulnerabilities Introduced to Enterprise Systems: Meltdown and Spectre |
Proxmox |
Meltdown and Spectre Linux Kernel fixes |
Puget Custom Computers |
Meltdown and Spectre
Intel CPU flaw kernel patch effects - GPU compute Tensorflow Caffe and LMDB database creation |
Pulse Secure |
KB43597 - Impact of CVE-2017-5753 (Bounds Check bypass, AKA Spectre), CVE-2017-5715 (Branch Target Injection, AKA Spectre) and CVE-2017-5754 (Meltdown) on Pulse Secure Products
KB43600 - After installing January 3, 2018 Microsoft Patches, Pulse client connections fail when Host Checker is applied |
Puppet |
Verify Spectre / Meltdown protections remotely with Puppet Bolt on Windows
A Puppet module for detecting and remediating Meltdown / Spectre
Detect and remediate Meltdown / Spectre vulnerability |
Purism |
Meltdown, Spectre and the Future of Secure Hardware
Purism patches Meltdown and Spectre variant 2, both included in all new Librem laptops |
PWC |
Meltdown y Spectre Una amenaza latente en su organización |
QEMU |
QEMU and the Spectre and Meltdown attacks |
Qihu 360 |
Meltdown与Spectre:近期CPU特性漏洞安全公告
360:处理器Meltdown与Spectre漏洞修复简要指南 |
QNAP |
NAS-201801-08: Security Advisory for Speculative Execution Vulnerabilities in Processors |
Qualys |
Processor Vulnerabilities – Meltdown and Spectre
HOW-TO 000002746: Qualys Response to Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715) |
Quanta |
Intel Security Advisory update |
Qubes OS |
Announcement regarding XSA-254 (Meltdown and Spectre attacks) |
Qubole |
Qubole Security Update Notice |
Quest |
KB237413: Meltdown (CVE-2017-5715) and Spectre (CVE-2017-5753 & CVE-2017-5754) CPU Vulnerability (237413) |
Quick Heal |
Quick Heal is compatible with Microsoft’s Jan 3 update for Meltdown and Spectre
Seqrite is compatible with Microsoft’s Jan 3 update for Meltdown and Spectre |
Rackspace |
Rackspace mitigations against CPU speculative execution vulnerabilities |
Rapid7 |
Meltdown and Spectre: What you need to know (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) |
Raspberry Pi |
Why Raspberry Pi isn’t vulnerable to Spectre or Meltdown |
Red Hat |
Kernel Side-Channel Attacks – CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
RHSA-2018:0008 - Security Advisory
RHSA-2018:0012 - Security Advisory
RHSA-2018:0013 - Security Advisory
RHSA-2018:0014 - Security Advisory |
Rendition Infosec |
Meltdown and Spectre – enterprise action plan |
Resolver |
Security Vulnerability: Meltdown and Spectre |
RISC-V Foundation |
Building a More Secure World with the RISC-V ISA |
Rising |
CPU漏洞到底该怎么破? 瑞星发布解决方案 |
Riverbed Technology |
Jan 05, 2018: Update on Meltdown and Spectre
Support KB ID S31752 (account required) |
Rockwell Automation |
Answer ID: 1070884: Rockwell Automation Briefing on "Meltdown" and "Spectre" vulnerabilities. (account required)
Answer ID: 1071234: Microsoft Windows Security Updates for Meltdown/Spectre Vulnerabilities Impact (account required)
|
RSA |
000035890 - Microprocessor Side-Channel Attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on RSA products |
Ruckus Networks |
Article Number 000007583: Is there any imact of Meltdown and Spectre vulnerabilities on Ruckus Products?
ID 20180105 FAQ: Spectre and Meltdown Vulnerabilities – CVE-2017-5753 CVE-2017-5715
& CVE-2017-5754 |
Salesforce |
Knowledge Article Number 000269171: Salesforce addresses 'Spectre' and 'Meltdown' vulnerabilities
Knowledge Article Number 000269190: Salesforce response to 'Spectre' and 'Meltdown' Vulnerabilities |
Samsung |
About speculative execution vulnerabilities in ARM-based CPUs
Android Security Updates: January 2018 |
SanData |
Prozessor-Schwachstellen Meltdown und Spectre |
SAP |
2585891: Meltdown and Spectre execution vulnerabilities on Linux (login required)
2586312: Linux: How to protect against speculative execution vulnerabilities (login required) |
SAS |
SAS Statement Regarding Meltdown/Spectre Vulnerabilities |
Scaleway |
Spectre and Meltdown Vulnerabilities Status Page |
Scan Computers |
I have a concern about Spectre & Meltdown Security exploits |
Schneider Electric |
|
Scientific Linux |
CVE-2017-5715
CVE-2017-5753
CVE-2017-5754 |
ScyllaDB |
The Cost of Avoiding a Meltdown |
SecurityCoverage |
Threat Alert: Meltdown and Spectre Vulnerabilities |
Sentinel One |
Meltdown/Spectre – A tale of two vendors
SentinelOne is Compatible with “Meltdown” and “Spectre” Fixes |
ServiceNow |
KB0661896: Spectre/Meltdown CPU Vulnerabilities - 01/04/18 |
Siemens |
SSB-068644: General Customer Information for Spectre and Meltdown
SSB-168644: Spectre and Meltdown Vulnerabilities in Industrial Products |
Silver Peak |
CPU Side-Channel Attacks - Spectre Attacks: Exploiting Speculative Execution - Meltdown: Rogue Data Cache Load |
SIOS |
CPU由来の脆弱性情報(Meltdown and Spectre Vulnerability : CVE-2017-5753, CVE-2017-5754, CVE-2017-5715) |
Slackware |
[slackware-security] kernel (SSA:2018-016-01) |
Smartsheet |
Meltdown, Spectre and Smartsheet |
Smiths Medical |
Cyber Security Engineering Products Security Bulletin 2018 JAN 12.1 |
SOC Prime |
Meltdown and Spectre attacks exploit vulnerabilities in CPU to steal data |
SolarWinds |
Update: AV: January 5, 2018: Notice of Vulnerability CVE-2017-5733, CVE-2017-5715 (Spectre) and CVE-2017-5754 (Meltdown) |
SonicWall |
Meltdown and Spectre Vulnerabilities: A SonicWall Alert |
Sophos |
128053: Advisory: Kernel memory issue affecting multiple OS (aka F**CKWIT, KAISER, KPTI, Meltdown & Spectre) |
Spectracom |
Spectre and Meltdown Vulnerabilities (CVE-2016-5715, CVE-2017-5753, CVE-2017-5754) |
Splunk |
Security Update: Meltdown and Spectre vulnerabilities
|
Spotinst |
Spotinst Update Concerning: CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 |
Stryker |
Security advisories notification for Meltdown and Spectre vulnerabilities |
SuperMicro |
Security Vulnerabilities Regarding Side Channel Speculative Execution and Indirect Branch Prediction Information Disclosure (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) |
SUSE |
SUSE Addresses Meltdown and Spectre Vulnerabilities
SUSE Linux security updates CVE-2017-5715
SUSE Linux security updates CVE-2017-5753
SUSE Linux security updates CVE-2017-5754
KB7022512: Security Vulnerability: "Meltdown" and "Spectre" side channel attacks against CPUs with speculative execution.
KB7022514: Security Vulnerability: "Meltdown" and "Spectre" - Hypervisor Information. |
Symantec |
INFO4793: Meltdown and Spectre: Are Symantec Products Affected?
SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks |
Synology |
Synology-SA-18:01 Meltdown and Spectre Attacks |
Tableau |
[Informational] INF-2018-001: CPU Speculative Execution Vulnerabilities |
Tanium |
Spectre and Meltdown FAQ |
Tenable |
The First Major Security Logos of 2018: Spectre and Meltdown Vulnerabilities |
Tencent |
影响全球的CPU漏洞深度解读:熔断与幽灵 |
TenFourFox |
Is PowerPC susceptible to Spectre? Yep.
More about Spectre and the PowerPC (or why you may want to dust that G3 off)
Actual field testing of Spectre on various Power Macs (spoiler alert: G3 and 7400 survive!) |
Thecus |
Announcement: Thecus is aware of the recently discovered security vulnerabilities known as Meltdown and Spectre. We are working on solutions for our products. Updates for our NAS and ThecusOS will be released very soon<./a>
Thecus updates ThecusOS 7.0 for Spectre & Meltdown |
Thomas Krenn |
Sicherheitshinweise zu Meltdown und Spectre |
TIBCO |
2018-JAN-05: Meltdown and Spectre Vulnerability Update
2018-JAN-12: Meltdown and Spectre Vulnerability Update |
Toshiba |
ID 4015952: Intel, AMD & Microsoft Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method Security Vulnerabilities |
Trend Micro |
Solution ID: 1118996: Important Information for Trend Micro Solutions and Microsoft January 2018 Security Updates
Solution ID: 1119183: Important Information for Trend Micro Solutions and Microsoft January 2018 Security Updates (Meltdown and Spectre)
|
Tyan |
Tyan BIOS updates for Intel Microprocessor vulnerabilities |
Ubuntu |
Ubuntu Updates for the Meltdown / Spectre Vulnerabilities |
Unitrends |
Article 000005935: CVE-2017-5753 kernel: speculative execution bounds-check bypass (meltdown/spectre) |
UpCloud |
Information regarding the Intel CPU vulnerability (Meltdown) |
VAIO |
Side Channel Analysis に関する脆弱性対応について |
Veeam |
KB ID 2427: Meltdown and Spectre vulnerabilities |
Veritas |
Article ID 100041496: Veritas Appliance Statement on Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715) |
Vertiv |
Vertiv Security Updates for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754 |
VIPRE |
1000258536: Critical Alert - 1/3/2018 Windows Security Update |
Virtuozzo |
Virtuozzo Addresses Intel Bug Questions
Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 3.10.0-693.11.6.vz7.40.4, Virtuozzo 7.0 Update 6 Hotfix 3 (7.0.6-710)
Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 2.6.32-042stab127.2, Virtuozzo 6.0 Update 12 Hotfix 20 (6.0.12-3690)
Important kernel security update: Fixes for Meltdown and Spectre exploits; new kernel 2.6.32-042stab127.2 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0 |
VirusBlockAda |
Шифрование чатов, уязвимость в Intel AMT и новый протокол Wi-Fi WPA3 - дайджест минувшей недели |
VMRay |
Our Statement on Spectre and Meltdown |
VMware |
VMSA-2018-0002 VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution
VMSA-2018-0004 VMware vSphere, Workstation and Fusion updates add Hypervisor-Assisted Guest Remediation for speculative execution issue
VMSA-2018-0007 VMware Virtual Appliance updates address side-channel analysis due to speculative execution
KB52085: Hypervisor-Assisted Guest Mitigation for branch target injection (52085)
KB52245: VMware Response to Speculative Execution security issues, CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 (aka Spectre and Meltdown) (52245)
KB52264: VMware Virtual Appliances and CVE-2017-5753, CVE-2017-5715 (Spectre), CVE-2017-5754 (Meltdown) (52264)
KB52292: VMware NSX Guest Introspection compatibility for Microsoft Windows patches released for "Spectre" and "Meltdown" (52292)
KB52337: VMware Performance Impact for CVE-2017-5753, CVE-2017-5715, CVE-2017-5754 (aka Spectre and Meltdown) (52337)
KB52345: Intel Sightings in ESXi Bundled Microcode Patches for VMSA-2018-0004 (52345)
KB52367: VMware 仮想アプライアンスと CVE-2017-5753、CVE-2017-5715 (Spectre)、CVE-2017-5754 (Meltdown) (52367)
KB52368: VMware 虚拟设备和 CVE-2017-5753、CVE-2017-5715 (Spectre)、CVE-2017-5754 (Meltdown) (52264) (52368)>/a> |
Vultr |
Intel CPU Vulnerability Alert |
WatchGuard |
Article ID 000011204: Meltdown and Spectre Side-Channel Attacks (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) |
Webkit |
What Spectre and Meltdown Mean For WebKit
WebKitGTK+ Security Advisory WSA-2018-0001 |
Webroot |
Solution 2837: This solution allows users to enable their devices to receive the latest Microsoft January 2018 Security Patch |
Wind River |
Spectre and Meltdown – How to Respond in the Embedded World
Security Vulnerability Response Information: Meltdown and Spectre: CVE-2017-5753, CVE-2017-5715, CVE-2017-5754
Spectre and Meltdown FAQ
Wind River Security Vulnerability Notice: Linux Kernel Meltdown and Spectre Break (Side-Channel Attacks) - CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Updated Intel Microcode 20180108 |
Wonderware PacWest |
Important! Tech Alert 287 |
Xen |
Advisory XSA-254: Information leak via side effects of speculative execution
Xen Project Spectre / Meltdown FAQ (Jan 22 Update) |
XKCD |
Meltdown and Spectre (user education) |
Yokogawa |
Security Information: CPU Vulnerability Meltdown / Spectre |
Zebra |
Reference No 01-0118-01: Spectre and Meltdown Security Vulnerability Updates |
Zerto |
KB Number 000001474: Meltdown and Spectre Vulnerability (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754) Update |
Zotac |
Spectre & Meltdown Bug |
Zscaler |
Meltdown and Spectre vulnerabilities: What you need to know
Meltdown and Spectre vulnerabilities: Protecting Zscaler Cloud
Meltdown and Spectre Vulnerabilities - initial assessment |
Zyxel |
Zyxel security advisory for Meltdown and Spectre attacks |