Server Products
Data Center Products including boards, integrated systems, Intel® Xeon® Processors, RAID Storage; and Intel® Xeon® Processors
Announcements
Welcome to the Intel Community. If you get an answer you like, please mark it as an Accepted Solution to help others. Thank you!
4302 Discussions

Intel Processor L1TF vulnerabilities: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646

JChua7
Beginner
1,415 Views

Hi, How do we go about this fix for the servers. We are using Win2003 standard, Win2003 R2 and Win2008 standard 64 bit. Is there a utility tools to run and check that are in the vulnerability ?

Patching the wrong firmware will be disaster.

Best regards,

0 Kudos
1 Reply
idata
Community Manager
167 Views

Hi Bombshell,

 

 

You will need to check with the manufacturer of your systems to obtain a BIOS update that includes the microcode versions that mitigate this issue. If your servers are from Intel (vs. Dell, HP etc.) then you can find information here: https://www.intel.com/content/www/us/en/support/articles/000028721/server-products.html https://www.intel.com/content/www/us/en/support/articles/000028721/server-products.html

 

 

You will also need to check with Microsoft to obtain the security patches for your servers.

 

 

There is not a super easy tool that can tell you if a system is vulnerable, but this page from Microsoft has details on using PowerShell to determine if a system is vulnerable: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-spec... https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-spec... (this page also has information on mitigating side-channel vulnerabilities disclosed earlier this year)

 

 

You might also find this page useful: https://support.microsoft.com/en-us/help/4457951/windows-server-guidance-to-protect-against-l1-termi... https://support.microsoft.com/en-us/help/4457951/windows-server-guidance-to-protect-against-l1-termi...

 

 

Let us know if you have additional questions on this.
Reply