Número del artículo: 000137364
Dell is aware of a recently disclosed class of CPU speculative execution vulnerabilities (CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646) known collectively as "L1 Terminal Fault" (L1TF) that affect Intel microprocessors. For more information on these vulnerabilities, please review the security advisory posted by Intel.
Dell is investigating the impact of these vulnerabilities on our products and we are working with Intel and other industry partners to mitigate these vulnerabilities. Mitigation may vary by product and may require updates to Operating System (OS), Virtual Machine Manager (VMM), and other software components. Microcode released as part of CVE-2018-3639 and CVE-2018-3640 mitigation is sufficient.
Dell recommends customers follow security best practices for malware protection to help prevent possible exploitation of these vulnerabilities until any future updates can be applied. These practices include, but are not limited to, promptly deploying software updates, avoiding unknown hyperlinks and websites, never downloading files or applications from unknown sources, and employing up-to-date anti-virus and advanced threat protection solutions.
The systems below are affected and will receive updated firmware via Dell BIOS release (BIOS update). Dates in this list are dependent on microcode delivery from CPU Vendors. These dates are estimates provided for customer planning purposes and will be updated with links to download packages when available.
There are two essential components that need to be applied to mitigate the above-mentioned vulnerabilities:
For information on other Dell products, please see https://www.dell.com/support/article/sln318303.
External references
21 feb 2021
4
Solution