Updated 1/10/2018: Added link to ITNinja blog post covering a very detailed validation mechanism for Windows written by Timo Weberskirch @ KACE.

Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers.

Meltdown and Spectre are hardware-level vulnerabilities. As such, every operating system is susceptible. The KACE products - Systems Management Appliance (SMA) and Systems Deployment Appliance (SDA) - both run FreeBSD on Dell hardware platforms. FreeBSD does not yet have a patch available or an ETA for the fix, but since the SMA and SDA are closed-source appliance-based systems, there is no perceived risk from the KACE appliances at this time. Vendor patches will be added to the patch feed (provided by our patch vendor) as they are released and tested. This process usually takes 1-2 days, but may vary according to the vendor patch. Vendor specific information/resources are listed below:

Vendor Specific Information & Resources

KACE Agent Supported Operating Systems

KACE Supported Virtualization Platforms

The Official KACE Knowledge Base article will be updated as more information becomes available: https://support.quest.com/kb/237193