The beginning of the year has already witnessed the discovery of two new vulnerabilities, called Meltdown and Spectre. These security gaps can impact organizations using modern processors. Intel has announced on January 3rd that "some of its processors could be vulnerable to a security breach". But these breaches are not limited to Intel processors; AMD and ARM are also concerned.
While it is true that Stormshield solutions use such Intel and ARM processors, please note that our solutions are not directly impacted by these vulnerabilities.
Stormshield's Research & Development team hard at work
Our R&D team continues to analyze these vulnerabilities, as well as their consequences, both in terms of security and performance of our solutions. However, we can confirm that:
- our Stormshield Network Security products are unaffected by these vulnerabilities and cannot be exploited directly by an attacker.
- our other Stormshield Endpoint Security and Stormshield Data Security solutions are not directly affected by these vulnerabilities. Nevertheless, it will be imperative to update your operating systems (OS - Operating System) the release of corrective patches (Windows in particular).
The first investigations have been reported on the Stormshield Advisories platform: advisories.stormshield.eu. Others are still in progress.
[Update – 01/05, 6:25PM] January 3, 2018 Windows security updates
This January 3rd, Microsoft published security updates to strengthen its OS Windows. But some third-party applications (antivirus especially) are making “unsupported calls into Windows kernel memory that cause stop errors (also known as bluescreen errors) to occur”. Stormshield Endpoint Security is not making any unsupported calls, and therefore it is compatible with these security updates.
However, to prevent any bluescreen errors, Microsoft has conditioned the patch installation to the existence of a special register key. In the same time, Microsoft has asked the third parties to check the compatibility and create the register key once the compatibility confirmed. Therefore:
- If you do not use a complementary antivirus to SES, you can follow the tutorial provided by Microsoft support in order to the enable manually the register key;
- If you have an additional antivirus to SES, get in touch with your provider as soon as possible to find out about its status.
Stormshield Endpoint Security team continues its investigations and tests.
For additional information, please contact your usual Stormshield representative or our technical support.
And for more information on the Meltdown and Spectre vulnerabilities, you can visit the dedicated website: meltdownattack.com.