Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

SECURITY BULLETIN: Trend Micro Appliances (including Virtual) Guidance for L1 Terminal Fault (L1TF) Vulnerability

    • Updated:
    • 20 Aug 2018
    • Product/Version:
    • Deep Discovery Analyzer 6.All
    • Deep Discovery Email Inspector 3.All
    • Deep Discovery Inspector 5.All
    • Deep Security 11.All
    • InterScan Messaging Security Virtual Appliance 9.All
    • InterScan Web Security Virtual Appliance All.All
    • Network VirusWall Enforcer 1500i All.All
    • Network VirusWall Enforcer 3500i All.All
    • Network VirusWall Enforcer 3600i All.All
    • SafeSync for Enterprise 3.All
    • Smart Protection Server 3.All
    • Platform:
    • Appliance All
    • Bare Metal N/A
    • Virtual Appliance 4.1
Summary

This article contains information on how Trend Micro appliances (including virtual appliances) may be affected by the new speculative side channel vulnerability know as L1 Terminal Fault (L1TF): CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646.

Please note that L1TF is not a Trend Micro vulnerability, but instead exists at a hardware (CPU) layer on multiple operating systems including Microsoft Windows, Linux and Apple macOS.

This article will continue to be updated as more information and solutions become available.

 
Looking for Meltdown and Spectre information for Trend Micro appliances? Please visit this article for more information.
Details
Public

Trend Micro is continually evaluating all of its hardware and virtual appliances to determine which may be potentially affected by this new L1TF variant and the potential impact of the available resolutions.

As noted in our appliance guidance bulletin for Meltdown and Spectre, Trend Micro’s analysis and risk assessment of the L1TF variant is the same as later variants of Meltdown and Spectre (v3a and v4) – mainly that due to the complexity of the nature of a potential attack and closed nature of Trend Micro hardware and virtual appliances, the attack surface is considerably reduced and is considered low risk.

Currently Trend Micro is not aware of any exploits or attacks, that are in the wild, which affect Trend Micro hardware and virtual appliances.

Updated Solutions

For non-appliance solutions, it is highly recommended that Trend Micro customers ensure they have the necessary critical patches from their OS and hypervisor vendors as appropriate.

One notable issue is that CVE-2018-3646 deals specifically with virtualization software and Virtual Machine Monitors (VMM). In theory, exploitation of this flaw could allow a malicious guest virtual machine (VM) to obtain data in the VMM from other guest VMs. While this type of Inter-VM scenario is out of our control – Trend Micro still highly encourages customers to ensure they have applied any necessary hypervisor patches or updates as provided by your vendor.

Where necessary and available, Trend Micro will evaluate specific vendor’s OS/kernel patches and will integrate them into updated patches or versions of the appliances.

If/when any additional patches become available for a particular appliance or virtual appliance, this article will be updated.

Reference(s)

Premium
Internal
Rating:
Category:
Upgrade; Update
Solution Id:
1120758
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.