By now I’m sure we’re all aware of the recent Meltdown and Spectre chip processor vulnerabilities, and I want to let you know that Kaseya has rallied our cybersecurity task force to equip our customers with the latest information and resources to ensure you can safeguard your environments and those of your customers.
The most critical thing everyone can do at this moment is patch your machines and to do so quickly. With VSA, customers can rapidly and automatically deploy OS machines from Microsoft and Apple to protect your networks against Meltdown. While speculation is ongoing as to how these patches may affect performance levels, the security community has yet to come to a consensus on what, if any, performance delay may arise. From what we know so far the effects are relatively limited, and so we strongly advise all users to deploy the patches as soon as possible.
The details around Meltdown and Spectre are still emerging, but the Kaseya cybersecurity task force is on-hand and ready to proactively share information and resolutions as they develop to ensure you are armed with the most up-to-date countermeasures to mitigate these vulnerabilities. Stay tuned to our Automation Exchange as we release additional tools to protect your environment. Our support team has also put together a knowledge base FAQ article that customers can reference here. Please feel free to message me if you’d like to get more information on the matter.
Be sure to also check out our two most recent blog posts on Meltdown/Spectre vulnerabilitites here:
'How to Not Have a Meltdown over Meltdown': blog.kaseya.com/.../how-to-not-have-a-meltdown-over-meltdown
And our updated post, a 'Critical Note on Meltdown Patching': blog.kaseya.com/.../critical-note-on-meltdown-patching
As always, please feel free to reach out if you have any questions on the matter. I am here to help!
i see malwarebytes had posted that they are compatible from an update on their site. being that VSA is still using 1.8, are we still covered by their updates?
ndaddona Wouldn't it be great to have an answer from Kaseya: "i see malwarebytes had posted that they are compatible from an update on their site. being that VSA is still using 1.8, are we still covered by their updates?"
Hey all, missed ndaddona's question. I will have an answer for you shortly.
KES, KAV and KAM - are they all compatible?
I know KAV was tested by Kaseya (the current 10.2.5.3201 version) and that was compatible. I also did some testing on that with two of own machines and the required registry was indeed created.
I found an up-to-date list with Malwarebytes (you need Malwarebytes Database Update 1.0.3624) and AVG included, but with the Kaseya versions it's not 100% sure they're compatible. Security specialist Kevin Beaumont has published this list:
If your AV or AM doesn't automatically create the registry key, but you know it's still compatible (like Webroot) that key has to be created manually. On the Automation Exchange you can find an Agent Procedure by Douglas Sanchez that can create the key for these cases (search for Meltdown and you'll be fine).
Don't run the Agent Procedure if you're not sure, since the Microsoft patches and some AV products are likely to cause BSOD's and then you have a lot of work.
steven.simmons - Any update?
Tim Varvais ndaddona hey all - letting you both know that our team has reached out to multiple reps from Malwarebytes in regards to this and up to this point we have received zero response from anyone on their end. As soon as I get any type of information, you will both be the first to know.
Craig Hart I can confrim that KAV and KAM are both compatiable.
KES is currently under evaluation. I will loop back to you once I can confirm that is also compatiable.
Tim Varvais ndaddona have an update for you both! MBAM 1.8/KAM keeps receiving updates constantly, it works transparently with Windows and does not register with Action Center or Defender Security Center, thus it remains compatible with Microsoft’s recent update to protect against these exploit threats. Hopefully this answers your question. Please let me know if you need me to help further or clarify.
steven.simmons thanks for the confirmation on KAM!!
to steven and/or anyone else, have the patches been rolled into the standard monthly's yet? i was under the impression that although they were out of band critical patches that they would eventually be rolled into the monthly security updates. do we know if/when that is happening?
The January Rollup patches evidently include them as the bulletins that accompany them have the same warnings about AV etc.
I was confused about this and thought the normal January security roll-up was missing. But, it was released one week early, which was exceptional. There was no expected roll-up on the second Tuesday.
Microsoft has said somewhere they could abondon the regular Patch Tuesday and release patches as needed....