Meltdown and Spectre Situation Update
Two newly discovered processor chip vulnerabilities, dubbed Meltdown and Spectre, could permit attackers to gain unauthorized access to a computer’s memory. Spectre affects all modern processors, including those designed by Intel, AMD and ARM, but Meltdown is currently thought to affect only Intel chips manufactured since 1995, with the exception of Itanium and Atom chips made before 2013. The vulnerabilities can only be mitigated through operating system patches. Please see https://www.symantec.com/blogs/threat-intelligence/meltdown-spectre-cpu-bugs for the latest in depth information on the vulnerabilities.
Does Symantec Data Center Security provide protection for the Meltdown and Spectre vulnerabilities?
Meltdown and Spectre are local privilege escalation vulnerabilities which means that malicious software must first be installed on a target system to exploit the vulnerabilities. Symantec Data Center Security: Server Advanced (DCS:SA) protects vulnerable systems by ensuring that only authorized software is allowed to run. All three levels of DCS:SA policies; Windows 6.0 Basic, Hardening and Whitelisting, and all 5.2.9 policies (Limited Execution, Strict, and Core) prevent an attacker from dropping malicious executables onto the system.
Can I apply the OS vendor patches which provide mitigation for Meltdown and Spectre
For Linux platforms we are testing patches as they are released. To date all platforms have been successfully tested. Only Amazon Linux requires a driver update. See: https://support.symantec.com/en_US/article.TECH248572.html