So....  HPE notified me of a potential problem associated with Intel CPUs (as are found on ProLiant DL360 Gen9).  They classified this as a HPE Security Vulnerability - TLBleed Side-Channel Information Disclosure Attack Against Intel CPUs...

After creating an Intel account and such, here I am trying to make sense of all this, and am left wondering the applicability of the "issue" outlined in the HPE notification, and the fact I am running ESXi on HPE machines?

I came to Intel looking for something I could install to mitigate the TLBleed matter, but since I am not running WIndows, Apple, or Linux, is there a "fix" to be had?  Is this something I need to worry about?  I've gone as far as downloading the (2019) Windows version (as I often download the Windows iLO updates and use 7zip to extract the ilo.bin file from the exe file to update iLO on my 2 DL360 Gen9 hosts).  I didn't know if something similar was to be done with your IPP or, if, because I am running an OS you are not 'including' in your literature regarding this issue, does this mean the vulnerability does not apply?

Seems unlikely somehow.... 

I am not developing 'software' that needs 'IPP libraries' as part of software to be delivered....  I simply possess hardware that includes Intel processors on-board, and am looking to mitigate the vulnerability.  HPE didn't make this very easy in terms of the information they provided me--but they provided enough for me to find myself on your site, and I found enough information there to have created an account in the hopes to find a "solution".

Assuming there is something I can download--what is it, exactly, I need to extract?  Checking the Windows flavor of your IPP, I do see a couple of bin files within)--AND, more importantly, WHERE is this installed?

If HPE's "Critical Customer Bulletin" was well-intentioned, but not really applicable to me, perhaps more communication between Intel and HPE is required in the future?

Can someone from Intel advise?

Thanks in advance.

Regards,

MG