Check Point published their response to Meltdown and Spectre:

SK122205

Check Point’s take on these so far is that they are of low relevance due to the nature of the attacks: local privilege escalation.

A patch may be in the works. I am wondering if this will ultimately just be addressed in the Linux Kernel. Are we all going to have to update the Kernels on our appliances and Open Servers?

I thought this was interesting as well:

Q: Can malicious code being analyzed on Check Point Threat Emulation appliances exploit these vulnerabilities against the appliance’s operating system?
A: No. A feature which is used in the exploit phase is disabled on our appliances.

A feature is disabled. Hmm.

On another note, my Ubuntu servers already have the patch.

Check Point Response to Meltdown and Spectre – Low Relevance

Leave a Reply

Your email address will not be published. Required fields are marked *

one + one =