IGEL Furthers Product Security with Meltdown and Spectre Fix
IGEL has acted quickly in response to the recently disclosed Meltdown and Spectre vulnerabilities with fixes released today.
As background, Meltdown and Spectre affect computer processors, with Meltdown (CVE-2017-5754, critical) affecting Intel CPUs only, and Spectre (CVE-2017-5753 and CVE-2017-5715, high) affecting processors from Intel, AMD and ARM. These vulnerabilities may allow software to read information from other programs and the operating system that they shouldn’t be able to access, for example passwords.
Today IGEL releases fixed firmware images and updates. IGEL strongly recommends updating your devices to these. Note: Any information provided does not release the customer from their obligation to test system modifications in advance. New firmware must always be tested in advance.
The following fixed versions are available for download at https://www.igel.com/software-downloads/
- Partial Update for WES7 and WES7+ with fixes for Meltdown and Spectre (CVE-2017-5754, CVE-2017-5715, CVE-2017-5753) and mitigations for Internet Explorer
- Windows 10 IoT Enterprise Private Build 4.01.140 with fixes for Meltdown and Spectre (CVE-2017-5754, CVE-2017-5715, CVE-2017-5753) and mitigations for Internet Explorer
- IGEL OS 10 Private Build 10.03.550 with fixes for Meltdown (CVE-2017-5754) and Spectre version 2 (CVE-2017-5715), Firefox ESR 52.5 is not affected
- LX (for UD-LX devices)
- OS (for UDC3-converted devices and UD Pocket)
Read the entire article here, IGEL Furthers Product Security with Meltdown and Spectre Fix
via the fine folks at IGEL Technology.