- These are not vulnerabilities in Trend Micro products.
- Microsoft began issuing out-of-band security patches starting on January 3, 2018 for Windows platforms, and is requiring its customers to check compatibility with anti-malware products before installing this patch.
- Trend Micro's endpoint and security products listed below are compatible with Microsoft's January 2018 security patches.
- It is highly recommended that customers test any patch or solution mentioned in a non-production environment first before a wider deployment.
- At this time, there are no known in-the-wild exploits of either the Meltdown or Spectre vulnerabilities; however, there is a POC remote exploit for Spectre. Trend Micro has released some out-of-band protection updates for this.
Please read further for more information.
On January 3, 2018, Microsoft began to release its monthly Security Bulletin early for some platforms due to newly revealed CPU security flaws - commonly referred to as "Meltdown" and "Spectre". Microsoft's January 2018 patches implement new requirements (KB4072699) to target the delivery of the patches and to ensure that security and anti-malware software is compatible.
Microsoft has requested that security vendors verify product compatibility with this new patch, and Trend Micro commercial endpoint and server security products - including Trend Micro OfficeScan, Worry-Free Business Security, and Deep Security - are affected by these new Microsoft requirements. Our compatibility testing is underway and the latest information can be found below.
As part of our regular process, Trend Micro's product development team conducts pre-release compatibility testing with Microsoft security releases to try prevent major issues. Due to the early emergency deployment of Microsoft's patch beginning on January 3, Trend Micro's complete compatibility testing was not finalized on day zero. However, Trend Micro has completed testing on the endpoint and server security products listed below and will continue to update this article as necessary.
|OfficeScan||11.0 and above||Windows|
|Worry-Free Business Security Standard/Advanced||9.0 and above||Windows|
|Worry-Free Business Security Services||6.2 and above||Windows|
|ServerProtect for Storage||6.0||Windows|
|ServerProtect for Microsoft Windows (SPNT)||5.8||Windows|
|ServerProtect for EMC Celerra (SPEMC)||5.8||Windows/EMC|
|ServerProtect for Network Appliance Filers (SPNAF)||5.8||Windows/NAF|
|Deep Security (Agent and Virtual Appliance)||9.0, 9.5, 9.6, 10.0 and above||Windows|
|Trend Micro Vulnerability Protection||2.0||Windows|
|Trend Micro Endpoint Sensor||1.6||Windows|
|Trend Micro IM Security||1.6 and 1.6.5||Windows|
|PortalProtect for SharePoint||2.1, 2.1 R2 and 2.5||Windows|
|Trend Micro ScanMail for Exchange||12.0, 12.5*||Windows|
* Please note that even though that Trend Micro ScanMail for Exchange is a messaging security product, Trend Micro did find some initial incompatibility with the January 3rd patches after testing. Microsoft identified the issue on their end and has released some updates to resolve this. Please see article Trend Micro KB article 1119222 for more information.
Non-Microsoft Solution Compatibility
As Microsoft products are not the only ones affected by Meltdown and Spectre, Trend Micro has information on other solutions and platforms such as Apple macOS and Linux. Below are some links to specific information on compatibility of Trend Micro products with non-Microsoft operating systems:
- Trend Micro Deep Security Linux Kernel Compatibility for Meltdown and Spectre (KB1119250)
- Latest Security for Mac (TMSM) agent builds that are compatible with Meltdown and Spectre Vulnerability Patches on macOS (KB1119219)
Trend Micro Protection
As of now, there are no current known in-the-wild exploits of the Spectre and Meltdown vulnerabilities. However, there have been some proof of concept (POC) ones shared in the community which highlight some theoretical remote attacks using Spectre. Trend Micro has proactively released the following out-of-band updates:
- Trend Micro TippingPoint - Digtal Vaccine #DV9051
- Trend Micro Deep Security & Vulnerability Protection - DSRU18-003
Trend Micro Blogs
- Fixing the Meltdown and Spectre Vulnerabilities (Trend MIcro SimplySecurity Blog)
- Meltdown and Spectre Intel Process Vulnerabilities: What You Need to Know (Trend MIcro Security News)
- A Rundown of Microsoft's New Patch Deployment Process (Trend Micro Security News)
- Microsoft Security Advisory (ADV180002)
- Important information regarding the Windows security updates released on January 3, 2018 and anti-virus software (KB4072699)
- Windows 10 version 1709 Update Information (KB4056892)
- Windows 10 version 1607 and Windows Server 2016 Update Information (KB4056890)
- Windows Server 2008 R2 SP1 and Windows 7 SP1 Update Information (KB4056897)
- Information on how to download updates directly from the Windows Update Catalog (KB323166)
Other 3rd Party Information