RSS Feed
UPDATED: Kernel Memory Issue - Spectre and Meltdown
Posted by Aliesha Ellington on 24 January 2018 11:04 AM

24/01/18 11.03AM

Our engineers have successfully applied all the relevant operating system patches across our Microsoft hosts.
Linux servers are approximately 50% done, and completion will progress during the course of the week.
Unfortunately hardware firmware updates are constantly being released and revoked due to stability issues they are presenting.
As per recommendation from Intel, its advisable to not apply their current release. We subsequently took the decision to hold back on any firmware updates until the “fixes” have matured in stability.



12/01/18 2.49PM

In response to the global Kernel Memory Leakage vulnerability issues that have circulated throughout the last week, we have worked closely with our hardware and operating system vendors to initiate remedial actions.  

As there is no single fix to cover all the variants of Meltdown and Spectre, we are completing our patching in a phased approach, as outlined below.

Virtualization Platform

  • Our virtualization platform has been patched up to the current vendor issued baseline.
  • There are 2 remaining specific patches which are pending. These depend on the availability of a vendor firmware patch, which we expect to be released in the coming days.

Infrastructure Hardware

  • The majority of our vendors have already released firmware patches, and patching is in progress.
  • For the few still outstanding we are actively tracking availability with the vendor.
  • For hardware that does not have applicable firmware patches, we are also patching the overlying Operating Systems for additional mitigation.  

Operating System Patches    

  • Microsoft have released patches for Windows Operating Systems. Over 50% of our systems are already patched, with the remaining systems being completed next week.
  • The majority of Linux distributions have already released their OS patches, but there are a few who we are still waiting on. We plan to address these patches in our next patch cycle at the beginning of February, so we can include all outstanding patches.
  • We are investigating the possibility of bringing the patch cycle forward, depending on the availability of the Linux patches.

Comments (0)