Last Updated
May 31, 2018
Summary
Veritas is aware of the issues known as “Meltdown”, “Spectre” and "Spectre-NG" that affect software running on Intel, AMD and ARM processors. Veritas products running on such systems could be compromised by malicious software exploiting these issues. Therefore, it is important that customers install updates from operating system and browser vendors as they are made available. Veritas will update its products that include microcode and operating systems (e.g. appliances) as quickly as possible. In the future, Veritas may provide additional updates to its products to further mitigate these issues, however the exact nature of these mitigations and if or when they will become available is currently unknown.
Please note that these issues can only be exploited by malicious software running on the same physical system as a Veritas product. They cannot be exploited by malicious software accessing a system over a network.
This statement will be updated as additional information becomes available.
| Product | Impacted by Spectre | Impacted by Spectre-NG | Additional Information |
|---|---|---|---|
Access |
No |
TBD | None |
Access Appliance |
No |
TBD | None |
AdvisorMail |
Yes Patches have been applied. |
TBD | None |
Backup Exec |
No |
TBD | None |
Backup Exec Appliance |
Yes |
TBD | |
Cloud Storage |
No |
TBD | None |
CloudPoint |
No |
TBD | |
Data Insight |
No |
TBD | None |
Desktop and Laptop Option |
No |
TBD | None |
eDiscovery |
Yes |
TBD | |
Enterprise Vault |
No |
TBD | None |
EV.cloud |
Yes
|
TBD | None |
| Flex Appliance | No | TBD | None |
HyperScale for Containers |
No |
TBD | None |
HyperScale for OpenStack |
No |
TBD | None |
Information Map |
Yes |
TBD | |
InfoScale (all editions) |
No |
TBD | |
NetBackup |
No |
TBD | None |
NetBackup Appliance |
Yes |
TBD | |
NetBackup OpsCenter |
No |
TBD | None |
Storage NAS |
No |
TBD | None |
Velocity |
No |
TBD | None |
Velocity Appliance |
Yes |
TBD |
References
- https://meltdownattack.com/
- https://newsroom.intel.com/news/intel-responds-to-security-research-findings/
- https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown
- https://access.redhat.com/security/vulnerabilities/speculativeexecution
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html
- https://www.us-cert.gov/ncas/alerts/TA18-141A
Questions
If you have any questions about any information in this security advisory please contact Veritas technical support.
Disclaimer
THE SECURITY ADVISORY IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. Veritas Technologies LLC SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.
Veritas Technologies LLC
500 East Middlefield Road
Mountain View, CA 94043
© 2018 Veritas Technologies LLC. All rights reserved. Veritas, the Veritas Logo, and NetBackup are trademarks or registered trademarks of Veritas Technologies LLC or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.