Palo Alto Networks Knowledgebase: Steps to Apply Microsoft Patch to Addressed Meltdown and Spectre Vulnerability on Traps Agents
Steps to Apply Microsoft Patch to Addressed Meltdown and Spectre Vulnerability on Traps Agents
Created On 02/07/19 23:37 PM - Last Updated 02/07/19 23:37 PM
Coverage for the Meltdown and Spectre vulnerabilities: Traps anti-exploitation mechanisms will not protect against exploiting of these vulnerabilities. The disclosed vulnerabilities are memory read vulnerabilities. They do not cause code execution. For an attacker to use these vulnerabilities, there likely would have been an initial attack phase that Traps may be able to prevent (e.g. a malicious EXE attempts to exploit the vulnerabilities).
Note that these vulnerabilities are memory read vulnerabilities; they do not cause code execution. For an attacker to use these vulnerabilities in an attack, they would have to have already executed a successful initial attack that Traps may be able to prevent (e.g. a malicious EXE attempts to exploit the vulnerabilities).
Compatibility: All the currently supported product lines (3.4, 4.0, and 4.1) were tested running on all the supported Operating System versions and certified to be compatible with the Microsoft Security updates. Note that the tests were performed on both physical and virtual machines.
Microsoft patch: Traps is compatible with the patches Microsoft released to fix CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 vulnerabilities.
Apple patch: Traps is compatible with macOS High Sierra 10.13.2 Supplemental Update including security improvements to Safari and WebKit to mitigate the effects of CVE-2017-5753 and CVE-2017-5715.
Installing the Patch: Traps 4.0.5-h1, Traps 4.1.2-h1, and later automatically set the registry key Microsoft requires to be present for their security updates to install successfully. For more information on this registry key, please see Microsoft Knowledge Base Article 4072699.