Micron

Updated:  November 06, 2018

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.crucial.com/usa/en/support-ssd-firmware

Addendum

There are no additional comments at this time.

Microsoft

Updated:  November 07, 2018

Status

  Affected

Vendor Statement

Encryption with BitLocker depends on the correct setting of the Group Policy. More information about this Group Policy can be found via the following location(Microsoft URL). Changing the default setting is not sufficient to mitigate the risk because it does not affect the vulnerability in already encrypted data. Only a complete new installation,including removal and reformatting of data,enforces encryption via BitLocker.

Vendor Information

For details,please see the vendor's web page.

Vendor References

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV18002 8 https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-s erver-2012-R2-and-2012/jj679890(v=ws.11)#configure-use-of-hardware-based-en cryption-for-fixed-data-drives

Addendum

There are no additional comments at this time.

Samsung Memory

Updated:  November 05, 2018

Status

  Affected

Vendor Statement

For non-portable SSDs:We recommend installing encryption software(freeware available online)that is compatible with your system. For portable SSDs:We recommend updating the firmware on your device.

Vendor Information

For details please see the Vendor's web page.

Vendor References

https://www.samsung.com/semiconductor/minisite/ssd/support/consumer-notice/