Novell is now a part of Micro Focus

My Favorites

Close

Please to see your favorites.

Advanced Authentication and Meltdown and Spectre Vulnerabilities

This document (7022526) is provided subject to the disclaimer at the end of this document.

Environment

Advanced Authentication 5.x
AAF 5.x
NAAF

Situation

The recently reported Meltdown and Spectre vulnerabilities are used to exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not allowed to read data from other applications, a malicious program can exploit Meltdown and Spectre to obtain access to the protected memory of other processes running on the vulnerable physical or virtual host. 

Meltdown and Spectre are hardware vulnerabilities that need to be addressed by hardware, firmware and operating system vendors.  Software that ships as an appliance, such as Advanced Authentication, will require updates to the underlying OS included with the appliance.  

Resolution

Update the Advanced Authentication appliance.

The Advanced Authentication update channel includes an update for the underlying OS that addresses the Meltdown vulnerability.  An update to address the Spectre vulnerability will be provided as soon as it becomes available. 

Disclaimer

This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7022526
  • Creation Date:08-JAN-18
  • Modified Date:11-JAN-18
    • NovellAdvanced Authentication

Did this document solve your problem? Provide Feedback