DEEP INSTINCT ANNOUNCES IT IS NOT IMPACTED BY MELTDOWN OR SPECTRE VULNERABILITIES

Jan 9, 2018

On January 3, 2018, Microsoft released a Security update due to newly revealed CPU security flaws – commonly referred to as “Meltdown” and “Spectre“.

Deep Instinct confirms that its security products are fully compatible with Microsoft’s security updates and our tests indicates that there is no impact on D-Client after installing Microsoft’s patch nor any other issue on the installed device, therefore customers can safely apply the Microsoft patch.

This was tested against Deep Instinct D-Client version 2.1.7.

 

According to Microsoft, due to an issue with some versions of other Anti-Virus software vendors, this fix is only being made applicable to the machines where the Anti-virus ISV has updated the ALLOW REGKEY (see KB4072699).

Again – All Deep Instinct products have been fully tested and found compatible.

The registry key will only be required if customers wish to utilize Windows automatic updates.

To add the ALLOW REGKEY registry key manually add the following to the registry:

RegKey=”HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat”

Value Name =”cadca5fe-87d3-4b96-b7fb-a231484277cc”

Type=”REG_DWORD”

Data=”0x00000000″

This can also be set using Group Policy Objects (GPOs) or SCCM to push the new registry key in a managed manner.

Alternatively, customers may download the update packages directly from the Windows Update catalog (in this case the registry key is not required).

Meltdown and Spectre are critical hardware-based vulnerabilities in modern processors. These vulnerabilities could allow an attacker to steal information stored in the memory of a wide range of computer chips running on personal devices an not only computers and phones, but also the servers in data centers, including those used to run cloud computing services.

These widespread vulnerabilities could enable an attacker to steal information stored in the memory of the chip itself, including passwords and cached files. It could also pave the way for attackers to weaken other security features.

Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory. Spectre tricks other applications into accessing arbitrary locations in their memory. Both attacks use side channels to obtain the information from the accessed memory location.