Medium
Summary:
Dell EMC Data Protection Search contains operating system updates to mitigate new variants of speculative execution side-channel vulnerabilities.
This advisory addresses the following vulnerabilities:
CVE-2018-3640 Rogue System Register Read (RSRE) also known as Variant 3a
CVE-2018-3639 Speculative Store Bypass (SSB) also known as Variant 4
CVE-2018-3620 - L1 Terminal Fault: OS/SMM
For more information, review Intel s security advisories INTEL-SA-00115 and INTEL-SA-00161.
See NVD (http://nvd.nist.gov/) for individual scores for each CVE
This advisory addresses the following vulnerabilities:
CVE-2018-3640 Rogue System Register Read (RSRE) also known as Variant 3a
CVE-2018-3639 Speculative Store Bypass (SSB) also known as Variant 4
CVE-2018-3620 - L1 Terminal Fault: OS/SMM
For more information, review Intel s security advisories INTEL-SA-00115 and INTEL-SA-00161.
See NVD (http://nvd.nist.gov/) for individual scores for each CVE
Affected products:
Dell EMC Data Protection Search prior to version 18.2
Remediation:
The following Dell EMC Data Protection Search release addresses these vulnerabilities:
Dell EMC Data Protection Search 18.2
Dell EMC recommends all customers upgrade at the earliest opportunity. Dell recommends customers to follow security best practices for malware protection to help prevent possible exploitation of these vulnerabilities. These practices include, but are not limited to, promptly deploying software updates, avoiding unknown hyperlinks and websites, never downloading files or applications from unknown sources, and employing up-to-date anti-virus and advanced threat protection solutions.
Customers can download the latest updates from the Data Protection Search support page at: https://support.emc.com/products/38110
Affected products:
Dell EMC Data Protection Search prior to version 18.2
Remediation:
The following Dell EMC Data Protection Search release addresses these vulnerabilities:
Dell EMC Data Protection Search 18.2
Dell EMC recommends all customers upgrade at the earliest opportunity. Dell recommends customers to follow security best practices for malware protection to help prevent possible exploitation of these vulnerabilities. These practices include, but are not limited to, promptly deploying software updates, avoiding unknown hyperlinks and websites, never downloading files or applications from unknown sources, and employing up-to-date anti-virus and advanced threat protection solutions.
Customers can download the latest updates from the Data Protection Search support page at: https://support.emc.com/products/38110