Sophos Security Update

Security Update for All Sophos Customers
Sophos Security

Sophos wants to make you aware of the memory isolation issues affecting Intel, AMD, and ARM processors and what actions you can take now. The flaw enables attack code to read anything in memory, which could lead to data or credential theft. The vulnerability is known by names such as Meltdown, Spectre, KPTI, KAISER and F**CKWIT. Patches were released by Microsoft, Linux, and other platforms on Jan 3, 2018. Because exploitation requires the execution of some form of attack code, Sophos products, which do not allow for any form of unauthorized code execution, are not at a high risk of attack.

 

Sophos Endpoint Security Products
Given that OS mitigations of the hardware vulnerability potentially impact system stability and performance, Microsoft is advising customers to contact their security vendor before applying the patch. The security vendor will:
1. Confirm if their security software is compatible with the Windows update, and if so
2. Distribute an updated version of the security vendor’s software that sets a specific registry key which enables the Windows update
Sophos has completed testing of the Windows update and can confirm compatibility. We will begin to automatically add the registry key setting to the following Sophos products starting Jan 5, 2018: