Retina Customer Alert: Intel, AMD and ARM Chipset Vulnerability (Spectre and Meltdown)

Alejandro DaCosta, Product Manager, Retina CS

As you have likely heard by now, the kernel-memory-leaking processor vulnerability (Spectre and Meltdown) extends beyond the Intel chipset; it is now known to affect AMD and ARM chipsets as well, on systems running Windows, Unix, Linux and macOS. The massive scope of this vulnerability has led some OS vendors to release emergency patches to mitigate it. For customers, BeyondTrust has added the following detections in Retina’s audit release 3361, based on the latest patches currently available.

Updated: 1/12/2018

  • 67245    Microsoft Security Update for SQL Server – Jan 2018 – 4057118 2016 GDR
  • 67246    Microsoft Security Update for Windows – Jan 2018 – Mitigation
  • 67247    Microsoft Security Update for SQL Server – Jan 2018 – 4058561 2016 CU7
  • 67248    Microsoft Security Update for SQL Server – Jan 2018 – 4057122 2017 GDR
  • 67249    Microsoft Security Update for SQL Server – Jan 2018 – 4058562 2017 CU3
  • 67107    Microsoft Security Update for Windows 10 – Jan 2018
  • 67108    Microsoft Security Update for Windows – Jan 2018 – 7 / 2008R2
  • 67109    Microsoft Security Update for Windows – Jan 2018 – 8.1 / 2012R2
  • 67110    Microsoft Security Update for Windows – Jan 2018 – 2012
  • 67111    Microsoft Cumulative Security Update for Internet Explorer – Jan 2018
  • 67396    ASA-201801-10 : intel-ucode
  • 67392    ASA-201801-6 : linux-lts
  • 67390    ASA-201801-4 : linux-hardened
  • 67389    ASA-201801-3 : linux-zen
  • 67387    ASA-201801-1 : linux
  • 67095    RHSA-2018:0007 – kernel security update
  • 67096    RHSA-2018:0008 – kernel security update
  • 67097    RHSA-2018:0009 – kernel security update
  • 67098    RHSA-2018:0010 – kernel security update
  • 67099    RHSA-2018:0011 – kernel security update
  • 67100    RHSA-2018:0012 – microcode_ctl security update
  • 67101    RHSA-2018:0013 – microcode_ctl security update
  • 67115    RHSA-2018:0016 – kernel-rt security update
  • 67116    RHSA-2018:0017 – kernel security update
  • 67117    RHSA-2018:0018 – kernel security update
  • 67118    RHSA-2018:0020 – kernel security update
  • 67119    RHSA-2018:0022 – kernel security update
  • 67120    RHSA-2018:0023 – qemu-kvm security update
  • 67121    RHSA-2018:0024 – qemu-kvm security update
  • 67122    RHSA-2018:0025 – qemu-kvm-rhev security update
  • 67123    RHSA-2018:0026 – qemu-kvm security update
  • 67124    RHSA-2018:0027 – qemu-kvm security update
  • 67125    RHSA-2018:0028 – qemu-kvm-rhev security update
  • 67126    RHSA-2018:0029 – libvirt security update
  • 67127    RHSA-2018:0030 – libvirt security update
  • 67128    RHSA-2018:0031 – libvirt security update
  • 67129    RHSA-2018:0032 – libvirt security update
  • 67130    RHSA-2018:0034 – microcode_ctl security update
  • 67131    RHSA-2018:0035 – microcode_ctl security update
  • 67132    RHSA-2018:0036 – microcode_ctl security update
  • 67133    RHSA-2018:0037 – microcode_ctl security update
  • 67134    RHSA-2018:0038 – microcode_ctl security update
  • 67135    RHSA-2018:0039 – microcode_ctl security update
  • 67136    RHSA-2018:0014 – linux-firmware security update
  • 67137    RHSA-2018:0015 – linux-firmware security update
  • 67154    RHSA-2018:0044 – redhat-virtualization-host security update
  • 67155    RHSA-2018:0045 – rhvm-appliance security update
  • 67156    RHSA-2018:0047 – redhat-virtualization-host security update
  • 67157    RHSA-2018:0053 – linux-firmware security update
  • 67158    RHSA-2018:0054 – qemu-kvm-rhev security and bug fix update
  • 67159    RHSA-2018:0055 – qemu-kvm-rhev security and bug fix update
  • 67160    RHSA-2018:0056 – qemu-kvm-rhev security update
  • 67161    RHSA-2018:0057 – qemu-kvm-rhev security update
  • 67162    RHSA-2018:0058 – qemu-kvm-rhev security update
  • 67163    RHSA-2018:0059 – qemu-kvm-rhev security update
  • 67164    RHSA-2018:0060 – qemu-kvm-rhev security update
  • 67165    RHSA-2018:0040 – microcode_ctl security update
  • 67103    SUSE-SU-2018:0008-1 – Security update for kernel-firmware
  • 67104    SUSE-SU-2018:0007-1 – Security update for qemu
  • 67105    SUSE-SU-2018:0006-1 – Security update for ucode-intel
  • 67225    USN-3516-1: Firefox vulnerabilities
  • 67386    USN-3531-1: Intel Microcode update
  • 67091    Apple macOS < 10.13.2 – Multiple Vulnerabilities (HT208331) – 10.13
  • 67093    Apple macOS < 10.13.2 – Multiple Vulnerabilities (HT208331) – 10.12
  • 67094    Apple macOS < 10.13.2 – Multiple Vulnerabilities (HT208331) – 10.11
  • 67236    Apple Safari – Multiple Vulnerabilities (HT207403) “Spectre”
  • 67237    Apple iOS < 11.2.2 – Multiple Vulnerabilities (HT208401)
  • 67277    USN-3521-1: NVIDIA graphics drivers vulnerability
  • 67317    DSA-4082-1 linux
  • 67112    CESA-2018:0014 – linux-firmware Security Update
  • 67113    CESA-2018:0012 – microcode_ctl Security Update
  • 67114    CESA-2018:0007 – kernel Security Update
  • 67149    CESA-2018:0023 – qemu-kvm Security Update
  • 67150    CESA-2018:0029 – libvirt Security Update
  • 67151    CESA-2018:0030 – libvirt Security Update
  • 67152    CESA-2018:0008 – kernel Security Update
  • 67153    CESA-2018:0013 – microcode_ctl Security Update
  • 67365    ELSA-2018-0024 – qemu-kvm
  • 67364    ELSA-2018-0023 – qemu-kvm
  • 67363    ELSA-2018-0030: libvirt
  • 67362    ELSA-2018-0029: libvirt
  • 67361    ELSA-2018-0012: microcode_ctl
  • 67360    ELSA-2018-0007: kernel
  • 67359    ELSA-2018-0013: microcode_ctl
  • 67358    ELSA-2018-0008: kernel
  • 67357    OVMSA-2018-0004: qemu-kvm
  • 67356    OVMSA-2018-0003: microcode_ctl
  • 67355    ALAS-2018-939: kernel
  • 67354    VMSA-2018-0004: Speculative Execution – Workstation Windows
  • 67353    VMSA-2018-0004: Speculative Execution – Workstation Linux
  • 67352    VMSA-2018-0004: Speculative Execution – Fusion
  • 67351    VMSA-2018-0004: Speculative Execution – vCenter 5.5
  • 67350    VMSA-2018-0004: Speculative Execution – vCenter 6.0
  • 67349    VMSA-2018-0004: Speculative Execution – vCenter 6.5
  • 67348    VMSA-2018-0004: Speculative Execution – ESXi 5.5
  • 67347    VMSA-2018-0004: Speculative Execution – ESXi 6.0
  • 67346    VMSA-2018-0004: Speculative Execution – ESXi 6.5
  • 67371    VMSA-2018-0002.1: Speculative Execution – Fusion
  • 67370    VMSA-2018-0002.1: Speculative Execution – Workstation Linux
  • 67369    VMSA-2018-0002.1: Speculative Execution – Workstation Windows
  • 67368    VMSA-2018-0002.1: Speculative Execution – ESXi 5.5
  • 67367    VMSA-2018-0002.1: Speculative Execution – ESXi 6.0
  • 67366    VMSA-2018-0002.1: Speculative Execution – ESXi 6.5
  • 67381    Citrix XenServer – Multiple Vulnerabilities (CTX231390)

BeyondTrust will continue to add more audits as additional patches become available. Watch here for more details. If you have any questions in the meantime, please contact customer support.

As Product Manager, Alex DaCosta is responsible for designing the company’s Vulnerability Management solutions. Alex joined BeyondTrust via the company’s acquisition of eEye Digital Security, where he held senior positions as Security Engineer in both pre- and post-sales operations. As a Senior Security Engineer, Alex was responsible for successfully demonstrating, architecting and implementing the company’s enterprise solutions. Alex graduated from California State University, Long Beach with a Bachelor of Science degree in Management Information Systems.