Skip to end of metadata
Go to start of metadata

Description

Flaws have been found in Intel, AMD and ARM chipsets that could compromise a device.  With few exceptions this could date back to chipsets built since 1995. 

Information

Expect there to be patches required for all OS and Web browsers.  FileWave itself is not directly affected, but can be used to patch your devices appropriately.

The majority of patches should be available through Software Update Filesets.

If you wish to apply updates manually, please review Alternate macOS Software Update Method

Apple Direct Downloads:

The National Cyber Security has provided the following information: https://www.ncsc.gov.uk/guidance/meltdown-and-spectre-guidance

Useful vendor links:

Apple

Microsoft

Microsoft Azure

Google

Amazon

VMware

Project Zero detailed analysis

Please note, not all updates have yet been supplied and you should regularly check for further announcements.

Hosted Customers

Amazon EC2 provides the hypervisor infrastructure for hosted FileWave customers.  All instances across the Amazon EC2 fleet are protected, as outlined in this AWS security bulletin: https://aws.amazon.com/security/security-bulletins/AWS-2018-013/ and the FileWave Ops team has patched all servers.

Appliances

Many of you will be using one or more of our appliances.  These should be updated accordingly.  We highly recommend taking snapshots prior to any upgrade or update; it is possible that not all patches and updates have been tested with FileWave.

Centos

For appliances running Centos, to apply all updates run:

sudo yum update

If you wish to confirm you have the required security patches installed please run:

sudo rpm -q --changelog kernel | awk '/CVE-2017-5715|CVE-2017-5753|CVE-2017-5754/ { cnts[$NF] += 1 } END { for (v in cnts) print v}'

Debian

Engage server runs on Debian.  Waiting on patches, please watch these links for patch status updates:

https://security-tracker.debian.org/tracker/CVE-2017-5715

https://security-tracker.debian.org/tracker/CVE-2017-5753

https://security-tracker.debian.org/tracker/CVE-2017-5754

For appliances running Debian, to apply all updates run:

sudo apt-get update && apt-get upgrade

If you wish to confirm you have the required security patches installed please run:

sudo find /usr/share/doc -type f -name "*changelog*" | while read line; do zcat "$line" 2>/dev/null | egrep "CVE-2017-5715|CVE-2017-5753|CVE-2017-5754"; done

Expect future released VM appliances to be patched.