This article contains information on how Trend Micro appliances (including virtual appliances) may be affected by the earlier disclosed CPU Speculative Executive issue: CVE-2017-5753, CVE-2017-5715, CVE-2017-5754, and the recently disclosed CVE-2018-3640 and CVE-2018-3639 variants – more commonly known as Meltdown and Spectre.
Please note that Meltdown and Spectre are not Trend Micro vulnerabilities, but instead exist at a hardware (CPU) layer on multiple operating systems including Microsoft Windows, Linux and Apple macOS.
This article will continue to be updated as more information and solutions become available.
Where necessary and available, Trend Micro has evaluated specific vendor’s OS/kernel patches and has integrated their updates for the earlier variants of Meltdown and Spectre into the following patches/versions of Trend Micro products listed below:
|Product||Minimum Updated Version*||Notes||Platform||Availability|
|Deep Discovery Analyzer||Version 6.0 (B1212)||Readme||Appliance||Available Now|
|Version 6.1 (B1114)||Readme||Appliance||Available Now|
|Deep Discovery Email Inspector||Version 3.0 Patch 1 (B1246)||Readme||Appliance||Available Now|
|Deep Discovery Inspector||Version 5.0 HF 1590**||See Below||Appliance||Available Now|
|Deep Security Appliance||Version 11.0||Readme||Virtual Appliance||Available Now|
|InterScan Messaging Security (Virtual Appliance)||Version 9.1 CP 1695||Readme||Virtual Appliance||Available Now|
|Version 9.0 HF B1666**||See Below||Virtual Appliance||Available Now|
|SafeSync for Enterprise||Version 3.2 HF B2066**||Readme||Linux (Virtual Appliance)||Available Now|
|Smart Protection Server (Standalone)||Version 3.3 B1082||Readme||Linux (Virtual Appliance)||Available Now|
* The version listed is the minimum version or build that incorporates enhancements or patches related to this issue. However, Trend Micro strongly recommends that customers apply the latest build or patch (if available) to ensure that other critical issues and vulnerabilities are also addressed. Please visit Trend Micro’s Download Center for the latest versions and patches.
** Customers needing image or hotfix (HF) solutions listed above may contact Trend Micro technical support to obtain the solution and for more information.
In addition, the following products have been analyzed and due to the closed nature of the system and the steps needed to exploit this vulnerability, do not require a specific patch update at this time:
- InterScan Web Security Virtual Appliance
- Network VirusWall Enforcer