Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
08-20-2018
02:54 PM
Researchers have identified new vulnerabilities in many Intel processors called Foreshadow or L1TF (L1 Terminal Fault). This vulnerability consists of 3 major vulnerabilities:
All assets shown in the report below are potentially vulnerable to CVE-2018-3620 and CVE-2018-3646. Additionally the report displays if the asset is vulnerable to CVE-2018-3615 (GSX) or not. The report cross-references assets in your network with Intel's list of vulnerable processors.
Once you've identified possible vulnerabilities, we recommend following the following mitigation guides depending on your assets:
- CVE-2018-3615: Vulnerability in the Intel software guard extension (SGX).
- CVE-2018-3620: L1 data cache vulnerability on the operating system and system management mode level.
- CVE-2018-3646: L1 data cache vulnerability on the virtual machine manager.
All assets shown in the report below are potentially vulnerable to CVE-2018-3620 and CVE-2018-3646. Additionally the report displays if the asset is vulnerable to CVE-2018-3615 (GSX) or not. The report cross-references assets in your network with Intel's list of vulnerable processors.
Once you've identified possible vulnerabilities, we recommend following the following mitigation guides depending on your assets:
- Microsoft's mitigation guide.
- Microsoft's monthly roll-ups containing patches:
- VMware's mitigation guide (These mitigations might have a negative performance impact).
Select Distinct Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblAssets.Processor As CPU,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
Case
When (tblAssets.Processor Like '%E5-%' And (tblAssets.Processor Like '%v5%'
Or tblAssets.Processor Like '%v6%')) Or
((tblAssets.Processor Like '%I3-6%' Or tblAssets.Processor Like '%I3-7%'
Or tblAssets.Processor Like '%I3-8%') Or
(tblAssets.Processor Like '%I5-6%' Or tblAssets.Processor Like '%I5-7%' Or
tblAssets.Processor Like '%I5-8%') Or (tblAssets.Processor Like '%I7-6%'
Or tblAssets.Processor Like '%I7-7%' Or tblAssets.Processor Like '%I7-8%')
Or (tblAssets.Processor Like '%I9-6%' Or tblAssets.Processor Like '%I9-7%'
Or tblAssets.Processor Like '%I9-8%')) Then 'Yes'
Else 'No'
End As [Potentially Vulnerable to SGX],
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Where ((tblAssets.Processor Like '%I3-%' Or tblAssets.Processor Like '%I5-%' Or
tblAssets.Processor Like '%I7-%' Or tblAssets.Processor Like '%I9-%') Or
((tblAssets.Processor Like '%34__%' Or tblAssets.Processor Like '%36__%' Or
tblAssets.Processor Like '%55__%' Or tblAssets.Processor Like '%56__%'
Or tblAssets.Processor Like '%65__%' Or tblAssets.Processor Like
'%75__%' Or tblAssets.Processor Like '%E3-%' Or
tblAssets.Processor Like '%E5-%' Or tblAssets.Processor Like '%E7-%' Or
tblAssets.Processor Like '%D-21%' Or tblAssets.Processor Like '%D-15%')
And tblAssets.Processor Like '%Xeon%') Or ((tblAssets.Processor Like
'%Bronze%' Or tblAssets.Processor Like '%Silver%' Or
tblAssets.Processor Like '%Gold%' Or tblAssets.Processor Like
'%Platinum%'))) And tblAssetCustom.State = 1
Order By tblAssets.Domain,
tblAssets.AssetName
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
