Understanding the impact of Meltdown and Spectre CPU exploits on Bitdefender GravityZone users
Last revised: 22 January 2018 11:15am GMT
Modern CPU hardware implementations from the last decade have been found vulnerable to side-channel attacks. Through a CPU architecture design flaw, links can be established between user and kernel memory pages, allowing attackers to obtain access to sensitive information. The two advanced attacks are now known as Meltdown and Spectre.
As a result, security patches and statements have been released by major industry players. These security patches come with new hardware and software requirements that may break the compatibility with specialized applications such as security products.
To mitigate any negative effects, Bitdefender ensures performance and compatibility evaluations between its GravityZone business products and the recent security patches.
Engineering teams covering all Bitdefender GravityZone components will release the compatibility updates through automatic updates commencing 8 January 2018. At the moment, evaluation tests with the security patches are still being run as they are made available by their vendors.
As there may be new developments in this security case, this article will be updated with new information pertaining to the approved security patches and GravityZone solutions and its related components:
• GravityZone Endpoint Security for Windows - Version 220.127.116.113 (Fast Ring) compatible with January 3rd Microsoft security patches was released on Monday the 8th of January at 10am GMT. The Slow Ring version was also released on Tuesday the 9th of January at 5am GMT. No action is required from users before or during the Bitdefender Endpoint update. This update automatically delivered a specific registry key that enabled the Windows security update in question. You can carry on with regular OS updates after version 18.104.22.1683 installation is completed.
|Note: To change the Update Ring:
• Endpoint Security by Bitdefender Version 22.214.171.1249 was released on the 9th of January at 6:00am GMT.
• GravityZone Endpoint Security for Mac – Version 126.96.36.199215 is compatible with Mac 10.13.2 that mitigated the Meltdown vulnerability.
• GravityZone Endpoint Security for Linux – compatibility tests are currently being run on Linux distributions that published security patches: RedHat, SUSE, Fedora, Debian, Oracle Linux and CentOS. As patches become available for other supported Distributions we will include them in our compatibility tests.
• GravityZone Security for Virtualized Environments:
‐ NSX Guest Introspection Integrated – this is an agentless solution, there are no Bitdefender components running within the guest VMs. Please consider the VMware security advisory as well when planning to upgrade your infrastructure.
‐ Multi-Platform – Bitdefender Endpoint Security Tools for Windows Version 188.8.131.523 was released on Monday the 8th of January at 10am GMT following the same update release model as above.
• Aditional compatibility tests are currently being run for:
‐ GravityZone Hypervisor Introspection
‐ GravityZone Security for Exchange
‐ GravityZone Security for Mobile
• As soon as the Ubuntu Security Team releases security patches for Ubuntu 16.04, Bitdefender will start its compatibility and performance tests for GravityZone virtual appliances. The GravityZone virtual appliance is powering the following GravityZone solutions:
‐ GravityZone Business Security
‐ GravityZone Advanced Business Security
‐ GravityZone Elite Security (HD)
‐ GravityZone Ultra Security (XDR)
‐ GravityZone Enterprise Security
‐ GravityZone for Service Providers (XSP)
‐ Cloud Security for MSP
‐ GravityZone Full Disk Encryption
‐ GravityZone Patch Management
‐ Security for Amazon Web Services
9 January 6:00pm GMT
Check the following Microsoft advisory for additional details regarding the Windows Servers security patch process. Bitdefender is currently following this guideline to assess the compatibility with its Business products. Since its impact on the server infrastructure may differ widely, a specific time frame for a compatibility resolution is unavailable at the moment.
11 January 10:10am GMT
Bitdefender has started the compatibility and performance tests with latest security patches from Ubuntu Security Team. Since the performance impact on its GravityZone virtual appliances may differ widely, a specific time frame for a compatibility resolution is unavailable at the moment.
15 January 9:40pm GMT
Bitdefender has finished the compatibility and performance tests for Bitdefender Endpoint Security for Linux version 184.108.40.206 with the latest security patches delivered by the supported Linux distributions. No issues were identified.
19 January 1:00pm GMT
Bitdefender has finished the compatibility and performance tests for Bitdefender Hypervisor Introspection (HVI). Security Server version 220.127.116.1120 is compatible with Windows and Linux guests patched against Spectre and Meltdown vulnerabilities.
Security Server (Multi-Platform/HVI) has been updated with security patches against Meltdown and Spectre vulnerabilities.
22 January 11:15am GMT
Security Server for VMware NSX has been updated with security patches against Meltdown and Spectre vulnerabilities.
Find out more information about the impact of these vulnerabilities:
Project Zero: Meltdown and Spectre exploits.