Re: [ovirt-users] Are Ovirt updates nessessary after CVE-2017-5754 CVE-2017-5753 CVE-2017-5715

if you have recent supermicro you dont need to update the bios, Some tests: Crack test: https://github.com/IAIK/meltdown Check test: https://github.com/speed47/spectre-meltdown-checker the intel microcodes you can find here: https://downloadcenter.intel.com/download/27431/Linux-Processor-Microcode... good luck. Arman. On Thu, Jan 11, 2018 at 4:32 PM, Derek Atkins <derek(a)ihtfp.com&gt; wrote: > Hi, > > On Thu, January 11, 2018 9:53 am, Yaniv Kaul wrote: > >> No one likes downtime but I suspect this is one of those serious >> vulnerabilities that you really really must be protected against. >> That being said, before planning downtime, check your HW vendor for >> firmware or Intel for microcode for the host first. >> Without it, there's not a lot of protection anyway. >> Note that there are 4 steps you need to take to be fully protected: CPU, >> hypervisor, guests and guest CPU type - plan ahead! >> Y. > > Is there a HOW-To written up somewhere on this? ;) > > I built the hardware from scratch myself, so I can't go off to Dell or > someone for this. So which do I need, motherboard firmware or Intel > microcode? I suppose I need to go to the motherboard manufacturer > (Supermicro) to look for updated firmware? Do I also need to look at > Intel? Is this either-or or a "both" situation? Of course I have no idea > how to reflash new firmware onto this motherboard -- I don't have DOS. > > As you can see, planning I can do. Execution is more challenging ;) > > Thanks! > >>> > Y. > > -derek > > -- > Derek Atkins 617-623-3745 > derek(a)ihtfp.com www.ihtfp.com > Computer and Internet Security Consultant > > _______________________________________________ > Users mailing list > Users(a)ovirt.org > http://lists.ovirt.org/mailman/listinfo/users