Cylance® Update:
Meltdown and Spectre Vulnerabilities

Talk To an Expert

Meltdown and Spectre are critical hardware-based vulnerabilities in modern processors. These vulnerabilities could allow an attacker to steal information stored in the memory of a wide range of computer chips running on personal devices — not just computers and phones, but also the servers in data centers, including those used to run cloud computing services.

Cylance Update

At this time, it has been confirmed by the Cylance Threat Guidance team that there are no malware kits taking advantage of these vulnerabilities with rogue executables that Cylance would prevent.

Cylance is in the process of assessing all areas of our infrastructure. Amazon Web Services, our cloud provider, has released this statement and informed all their customers that they already protected nearly all AWS instances, and that customers will still have to patch the operating systems they use.

Cylance Customers:

  • Microsoft issued a patch out-of-band before vendors were given time to respond with testing and updates.
  • Initial tests show no impact to CylancePROTECT® or CylanceOPTICS™ from a compatibility perspective.
  • The registry key will only be required if customers wish to utilize Windows automatic updates. If manually applying the update, the registry key is not required. We are currently conducting a full-spectrum of QA testing and will follow up with full update instructions.
  • We recommend that customers test this update in a non-production system first.

The Meltdown/Spectre Registry Tool is now live, please check out our KB at https://support.cylance.com/s/article/Meltdown-Spectre-Registry-Tool

Further details on Meltdown and Spectre Vulnerabilities at https://support.cylance.com/s/article/Further-Details-on-Meltdown-and-Spectre-Vulnerabilities

Cylance will continue monitoring, and if weaponized exploits begin to appear we will update this web page with our protection status.

Resources

See Cylance In Action
Convinced that the next generation of endpoint security solutions are right for your organization? Contact a Cylance expert to get a demo of our solutions.