Meltdown/Spectre (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754) impact on Dell Products

Dell is aware of the side-channel analysis vulnerabilities described in CVEs 2017-5715, 2017-5753 and 2017-5754, known as Meltdown and Spectre affecting many modern microprocessors. For more information, please visit security updates posted by Intel and AMD.

• The issue is not specific to any one vendor and takes advantage of techniques commonly used in most of the modern processor architectures. This means that a large range of products are affected from desktops and laptops to servers and storage, even smartphones.
• Mitigations include updates to both system software (Operating System (OS) patch) and firmware (BIOS, microcode updates). In some environments this may include hypervisor patches, patches to virtualization software, browsers and JavaScript engines.
• Good security hygiene should continue to be used. This includes ensuring devices are updated with the latest patches, employing anti-virus updates and advanced threat protection solutions.  
• As Intel reported in their FAQ, researchers demonstrated a proof of concept. That said, Dell is not aware of any exploits to date.

Note: You can change the language on many of the web page(s).

Patch Guidance (updated March 20, 2018)

There are two essential components that need to be applied to mitigate the above mentioned vulnerabilities:
1) Apply the firmware update via BIOS update.
2) Apply the applicable operating system (OS) patch.

What does this mean for you?

For more information on affected platforms and next steps to apply the updates, please refer to the following resources. They will be updated regularly as new information becomes available. Dell is testing all firmware updates before deploying them to ensure minimal impact to customers.

Dell is deploying the OS patches and firmware updates within our own IT infrastructure in line with best security practices.

Additional resources: