Important: Steps to Mitigate ‘Spectre’ and ‘Meltdown’ Chip Vulnerabilities for HPE Products
Recently an industry-wide vulnerability was identified that affects all modern microprocessor architectures including Intel, AMD, and ARM. This involves software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices. This vulnerability is referred to as the “Side-Channel Analysis Method”, or ‘Spectre’ and ‘Meltdown’. Industry hardware and software vendors, including HPE, have been working together to proactively address this vulnerability.
Resolution requires both an operating system update, provided by the OS vendor, and a System ROM update from HPE.
Resolutions are available for the most common operating system (OS) versions and current HPE server generations. Additional resolutions will be provided over time. We recommend taking the following steps immediately. Contact Comport or your Account Executive directly, if you need help.
- “Side-Channel Analysis” requires malware running locally on a system. As a best practice, always keep your software and firmware current.
- To determine if you have impacted systems, view HPE Security Bulletins, and subscribe to alerts about your systems see the HPE vulnerability website. For your convenience we have also included a list of affected HPE products.
- If your system is impacted:
- Download and install the OS update provided by the OS vendor. Windows, Linux, and VMWare are impacted. HPE recommends contacting operating system vendors for patching updates: Microsoft,VMware, SUSE & Red Hat. Depending on the system you are running, you can find instructions on appropriate actions in the HPE Security Bulletin on the Vulnerability Website.
- Update the System ROM to a revision containing updated microcode from HPE. Depending on which system you are running, you can find instructions on appropriate actions to take in the HPE Security Bulletin on the Vulnerability Website.
- Reboot the system, ensuring the new patches are fully deployed.
- In addition, please note that public clouds that use modern microprocessor architectures are potentially impacted. Mobile phones and client computers are also impacted—refer to providers of those products for more details.
It is vital to Comport that our clients stay secure and experience no impacts or downtime.
Erik Krucker, CTO
Comport Consulting Corp.