KB Article | Forcepoint Support

Problem Description

KB 14933 provides a description of the Meltdown and Spectre Vulnerabilities CVE-2017-5715, CVE-2017-5753, CVE-2017-5754.
This article provides additional information specific for Forcepoint DLP and Web Security Endpoints.
 
Vulnerability risk
 
The Meltdown and Spectre attacks are not a remote compromise against the Forcepoint DLP and Web Security Endpoints. These vulnerabilities have no direct impact on the Forcepoint DLP and Web Security Endpoints and very little indirect impact.
 
The Meltdown vulnerability allows a local user with normal user privileges to read kernel memory via a specially crafted exploit program. The Forcepoint DLP and Web Security Endpoints are not general-purpose systems and only trusted administrators should have local user accounts.
 

Resolution

Forcepoint DLP and Web Security Endpoints are fully compatible with the following updates provided by operating system and browser vendors.

Windows (including Internet Explorer and Edge browsers) - See https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown.
  1. Microsoft Windows 10 1709 KB4056892 (OS Build 16299.192)
  2. Microsoft Windows 10 1703 KB4056891 (OS Build 15063.850)
  3. Microsoft Windows 10 1607 KB4056890 (OS Build 14393.2007)
  4. Microsoft Windows 10 1511 KB4056888 (OS Build 10586.1356)
  5. Microsoft Windows 8.1 KB4088879
  6. Microsoft Windows 8 KB4088877
  7. Microsoft Windows 7 KB4078130
  8. Microsoft Windows Server 2012 KB4088877
  9. Microsoft Windows Server 2008 KB4078130
macOS Operating System - See https://support.apple.com/en-us/HT208394.
  • macOS 10.13.2 - Security update available January 8, 2018.
  • macOS 10.13.3 
Chrome Browser - See https://support.google.com/faqs/answer/7622138.
  1. Windows Chrome 64
  2. macOS Chrome 64 
Firefox Browser - See https://www.mozilla.org/en-US/firefox/57.0.4/releasenotes/. Mozilla recommends these updates. 
  1. Windows Mozilla Firefox 57.0.4 
  2. Mac Mozilla Firefox 57.0.4
Firefox ESR Browser (Windows only) - See https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/ and http://forums.mozillazine.org/viewtopic.php?f=38&t=3037113
  • Mozilla states that Firefox ESR is not impacted.

Safari Browser - See https://support.apple.com/en-us/HT208403.
  • Version 11.0.2 is needed. 

Article Feedback



Thank you for the feedback and comments.