Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Q) vTM can be affected by CPU issue about Meltdown and Spectre

yihwang
New Contributor
‎01-04-2018 09:42:PM
‎01-04-2018 09:42:PM

Q) vTM can be affected by CPU issue about Meltdown and Spectre

Hi.

I'm a vTM engineer.

 

After reading KB43597,

I was wondering if vTM can be affected by same issue,

because there is no word about vTM.

 

Please let me know as possible.

 

Thanks in advance

yeongil

Labels:
0 Kudos
3 REPLIES 3
pwallace
Community Manager
Community Manager
‎01-08-2018 12:50:AM
‎01-08-2018 12:50:AM

Re: Q) vTM can be affected by CPU issue about Meltdown and Spectre

Hello, the KB has now been updated to include vADC (including vTM, vWAF and Services Director)

https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB43597/?l=en_US&fs=Search&pn=1&atype

 

These exploits are unusual in that the vulnerability is not in the software itself, but is in the underlying HW platform and could allow HW memory protection and isolation to be circumvented with application-level code.

 

0 Kudos
yihwang
New Contributor
‎01-09-2018 12:49:AM
‎01-09-2018 12:49:AM

Re: Q) vTM can be affected by CPU issue about Meltdown and Spectre

Hello.

 

vTM was deployed on ESXi. Did you mean that there is no problem by applying ESXi patch?

 

Thanks in advance

 

Regards,

yihwang

0 Kudos
pwallace
Community Manager
Community Manager
‎01-09-2018 06:48:AM
‎01-09-2018 06:48:AM

Re: Q) vTM can be affected by CPU issue about Meltdown and Spectre

You will certainly need the ESXi patch to mitigate these HW vulnerabilities.
 
However, these side-channel vulnerabilities are complex, and may also depend on the interaction with the underlying hardware. As per the KB article linked above, we are also considering further mitigation options, which may include updating the vTM Virtual Appliance to implement additional patches from the OS Vendor.
 
As mentioned in the KB, please refer to https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown for additional information on the delivery of the patches from the OS vendor; this link may also provide ongoing recommendations and best practice.
 
0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.