Enterprise Data Loss Prevention & Device Control

DeviceLock DLP unaffected by problematic patches for Meltdown and Spectre vulnerabilities

DeviceLock, Inc., an international leader in endpoint data leak prevention (DLP) software, today announced that the functionality and performance of DeviceLock Agents, the endpoint enforcement components of its DeviceLock DLP software, were not negatively affected when the recent patches Microsoft has released to fix the Meltdown and Spectre security vulnerabilities have been installed on computers protected by DeviceLock DLP.

Immediately after Microsoft released security patches to fix these vulnerabilities disclosed by Google Project Zero in a blog post on the 3rd of January 2018, many reports were issued by customers using computers with AMD processors that these devices became unbootable after installing these patches. As a result, Microsoft has put on hold distributing these patches. Later on, Microsoft warned that fixes for Meltdown and Spectre vulnerabilities could "significantly" impact the performance of some systems.

The analysis of the Meltdown and Spectre security patches in the DeviceLock Test Lab revealed that while these vulnerabilities break the isolation between user-mode applications, as well as between the user-mode and kernel-mode processes, the security patch for Meltdown removes part of the system kernel address mapping from the page table for applications running in non-privileged mode. Essentially, this method turns off the possibility for some user-mode processes to access the system kernel address space. Such a restriction is potentially unsafe for those software products whose architecture, in addition to user-mode components, includes kernel-level modules working as OS drivers, as it may cause a critical error of the product execution when its user-mode components are denied access to its own kernel-level modules or 3rd party drivers.

Taking into account that DeviceLock Agent itself is a complex software system with components running in both user- and kernel-level modes, thorough testing was conducted by the DeviceLock R&D team on various computers with different operating systems to check how the DeviceLock Agent works after the Meltdown and Spectre patches had been installed. The comprehensive tests have proved that the functionality and performance of DeviceLock Agent are not negatively affected by the patches – especially such important features as intercepting protocols and operations of 3rd party applications, controlling device drivers, inspecting data content, as well as protecting the Agent from tampering by users with local systems administrator privileges.

The quality of software code and architecture has always been paramount for our product design and development process,” emphasized Ashot Oganesyan, DeviceLock CTO and Founder. “The DeviceLock Agent’s immunity to the problematic techniques used in the Meltdown and Spectre security patches has re-confirmed the high quality of DeviceLock DLP software and the optimal design of its internal architecture.

The DeviceLock DLP solution addresses the needs of organizations that require a simple and affordable approach to preventing data leaks from corporate Windows and Mac laptops, desktop computers, and virtualized Windows sessions and applications. DeviceLock DLP implements and effectively coordinates a full-featured set of contextual and content-aware controls over data-in-use, data-in-motion, and data-at-rest that is designed specifically for preventing information leaks from endpoints without unnecessarily interrupting normal business processes. The DeviceLock DLP solution is designed to effortlessly scale from small to large installations and to simplify DLP deployment and management such that it can usually be performed by in-house Windows administrators using the Microsoft Active Directory’s Group Policy Management Console or DeviceLock’s companion consoles. The complete package delivers an unprecedented level of functionality among endpoint DLP solutions in an easily affordable price range.

For more information on the DeviceLock Endpoint DLP Suite and to read the product review in its entirety, please visit www.devicelock.com.

About DeviceLock, Inc.

Established in 1996, DeviceLock, Inc. provides device control and endpoint data leak prevention software solutions to businesses of all sizes and industries. Protecting more than 8 million computers in more than 70,000 organizations worldwide, DeviceLock has a vast range of corporate customers including financial institutions, state and federal government agencies, classified military networks, healthcare providers, telecommunications companies and educational institutions. Based in San Ramon, California, DeviceLock, Inc. is an international organization with offices in London (United Kingdom), Ratingen (Germany), Milan (Italy), Vancouver (Canada) and Moscow (Russia).

COPYRIGHT ©2018 DeviceLock, Inc. All rights reserved. DeviceLock® and the DeviceLock logo are registered trademarks of DeviceLock, Inc. NetworkLock™ and ContentLock™ are trademarks of DeviceLock, Inc. All other product, service and company names mentioned herein may be trademarks of their respective owners. For more information, visit DeviceLock web-site at www.devicelock.com.