Spectre and Meltdown Vulnerabilities on Service Desk Appliance

  • 7022571
  • 18-Jan-2018
  • 18-Jan-2018

Environment

Service Desk 7.3 Appliance
Service Desk 7.4 Appliance

Situation

The recent Spectre and Meltdown CPU vulnerabilities impact the underlying OS of any of the endpoint management products that utilize the SUSE Linux Enterprise appliance including the Micro Focus Service Desk Appliance.

The specific vulnerabilities are:
  • CVE-2017-5753
  • CVE-2017-5715
  • CVE-2017-5754

Resolution

Micro Focus is currently testing the SUSE Linux Enterprise Server fixes, that have been made available by the SUSE Linux team, to ensure that they do not introduce product compatibility issues. Once this testing is completed, this TID will be updated with information on how to get and apply the patches.

We expect these patches to be available shortly, and recommend checking back on this TID as further information becomes available.

Status

Reported to Engineering

Additional Information

If you are hosting any of the endpoint management products on Windows or SUSE Linux servers we strongly recommend that you apply the Spectre and Meltdown vulnerability patches to your server to prevent security events.

Feedback service temporarily unavailable. For content questions or problems, please contact Support.