On January 2, 2018, reports surfaced of several serious design flaws in modern computer processor architectures including Intel, AMD, and ARM (CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754). These flaws have existed for many years and make all modern computers – servers, desktops, laptops, and mobile devices – vulnerable to attack. Windows, Mac, iOS, Android, and Linux devices all appear to be affected to some extent. To address these vulnerabilities, updates are required at the operating system level.
Symantec VIP service is made available from Symantec operated data centers. Our operational guidelines require us to patch/update our infrastructure and operating platforms on a regular cadence. This is done in accordance with corporate wide security and operational best practices. As part of this process, OS updates, web server and application server updates and security fixes are regularly applied.
Symantec has a strict policy to update all impacted systems as soon as any security related fixes are made available by platform vendors. VIP infrastructure and operations teams will perform the necessary updates in accordance with this mandate.