Server Products
Data Center Products including boards, integrated systems, RAID Storage, and Intel® Xeon® Processors
5059 Discussions

Intel Processor L1TF vulnerabilities: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646

JChua7
Beginner
‎08-15-2018 12:55 AM
2,021 Views

Hi, How do we go about this fix for the servers. We are using Win2003 standard, Win2003 R2 and Win2008 standard 64 bit. Is there a utility tools to run and check that are in the vulnerability ?

Patching the wrong firmware will be disaster.

Best regards,

0 Kudos

Link Copied

1 Reply
idata
Employee
‎08-15-2018 08:17 AM
773 Views

Hi Bombshell,

 

 

You will need to check with the manufacturer of your systems to obtain a BIOS update that includes the microcode versions that mitigate this issue. If your servers are from Intel (vs. Dell, HP etc.) then you can find information here: https://www.intel.com/content/www/us/en/support/articles/000028721/server-products.html https://www.intel.com/content/www/us/en/support/articles/000028721/server-products.html

 

 

You will also need to check with Microsoft to obtain the security patches for your servers.

 

 

There is not a super easy tool that can tell you if a system is vulnerable, but this page from Microsoft has details on using PowerShell to determine if a system is vulnerable: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution (this page also has information on mitigating side-channel vulnerabilities disclosed earlier this year)

 

 

You might also find this page useful: https://support.microsoft.com/en-us/help/4457951/windows-server-guidance-to-protect-against-l1-terminal-fault https://support.microsoft.com/en-us/help/4457951/windows-server-guidance-to-protect-against-l1-terminal-fault

 

 

Let us know if you have additional questions on this.
0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.