Spectre & Meltdown CPU Vulnerabilities
- Digitally signed software
- McAfee whitelisting protection embedded into office devices
- Onboard software verification
- Xerox AltaLink devices support JIT (Just in Time compilation).No known exploit exists. To further harden the devices, JIT can be disabled by applying the SW patch listed below.
- Other devices do not implement JIT- no patches required
- The Digital Front Ends that are hosted on a PC- please see below for patch information
We will continue to monitor the situation and act accordingly to protect our provisions of products to you both now and in the future.
Xerox Software Applications are not impacted. However, those that run on a PC with Windows, Linux, or Solaris operating systems, should have their PC updated, as appropriate.
- Xerox devices: We recommend ensuring appropriate security practices and controls are applied to devices and environment.
- Xerox AltaLink devices: We recommend applying software patch: SPAR release 100.00X.0180.01610 found at Xerox.com/security/Security Bulletin
- EFI Digital Front End : Please consult the following link: http://www.efi.com/support-and-downloads/kbarticle/article-details/?knowledgeArticleID=kA339000000HCDaCAO
- FreeFlow Print Server: Status of patches will be posted at Xerox.com/security/security bulletins
- Other Xerox Software: For Xerox Solutions that run on Windows and Linux platforms, please refer to the Operating System Vendor website to review and determine if appropriate patches are necessary.
Always consult with your IT department as appropriate.
This notice will be updated if further information becomes available. Please visit https://www.xerox.com/Security for additional updates.