Meltdown and Spectre Vulnerabilities -- Endpoints
- Article Number: 000014994
- Products: Forcepoint DLP Endpoint, Forcepoint One Endpoint, Forcepoint Web Security Endpoint, TRITON AP-ENDPOINT DLP, TRITON AP-ENDPOINT Web
- Version: 8.5, 8.4, 8.3, 18
- Last Published Date: January 08, 2019
KB 14933 provides a description of the Meltdown and Spectre Vulnerabilities CVE-2017-5715, CVE-2017-5753, CVE-2017-5754.
This article provides additional information specific for Forcepoint DLP and Web Security Endpoints.
The Meltdown and Spectre attacks are not a remote compromise against the Forcepoint DLP and Web Security Endpoints. These vulnerabilities have no direct impact on the Forcepoint DLP and Web Security Endpoints and very little indirect impact.
The Meltdown vulnerability allows a local user with normal user privileges to read kernel memory via a specially crafted exploit program. The Forcepoint DLP and Web Security Endpoints are not general-purpose systems and only trusted administrators should have local user accounts.
Forcepoint DLP and Web Security Endpoints are fully compatible with the following updates provided by operating system and browser vendors.
Windows (including Internet Explorer and Edge browsers) - See https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown.
Safari Browser - See https://support.apple.com/en-us/HT208403.