QRadar Meltdown/Spectre CVEs support considerations
The QRadar development team is aware of the CVEs known as Meltdown/Spectre and is evaluating both the IBM QRadar components and the included software and hardware third party components for potential impact and remediation.
The QRadar development team is aware of the CVE's known as Meltdown/Spectre. They are evaluating both the IBM QRadar components and the included software and hardware third party components for potential impact and remediation.
Update as of 06 June 2018:
Release of QRadar 7.2.8 Patch 13 (188.8.131.5280529210357)
Update as of 23 May 2018:
Release of the QRadar 7.3.1 Patch 4 SFS (184.108.40.20680507202600)
Subsequent updates on this vulnerability and possible patches - whether for customer installed versions, virtual and software appliances as well as our SAAS offering - will be found at http://www.ibm.com/support/docview.wss?uid=swg22012320
Warning: For QRadar hardware and virtual Appliance Customers, applying any firmware or software patches received directly from third-party vendors could cause further issues. We will update this as we learn more about the updates recommended by the third-party vendors.
For the QRadar SAAS offering, Development also is working closely with the IBM Cloud team around the application of fixes.
You may use the dW Answers forum for any other questions related to this vulnerability. Post your question using the tag CPUVulnerability at https://developer.ibm.com/answers/topics/CPUVulnerability/
For additional information, visit Support Flash: Central Processor Unit (CPU) Architectural Design Flaws