[ovirt-users] Are Ovirt updates nessessary after CVE-2017-5754 CVE-2017-5753 CVE-2017-5715
Derek Atkins
derek at ihtfp.com
Thu Jan 11 15:32:21 UTC 2018
Hi,
On Thu, January 11, 2018 9:53 am, Yaniv Kaul wrote:
> No one likes downtime but I suspect this is one of those serious
> vulnerabilities that you really really must be protected against.
> That being said, before planning downtime, check your HW vendor for
> firmware or Intel for microcode for the host first.
> Without it, there's not a lot of protection anyway.
> Note that there are 4 steps you need to take to be fully protected: CPU,
> hypervisor, guests and guest CPU type - plan ahead!
> Y.
Is there a HOW-To written up somewhere on this? ;)
I built the hardware from scratch myself, so I can't go off to Dell or
someone for this. So which do I need, motherboard firmware or Intel
microcode? I suppose I need to go to the motherboard manufacturer
(Supermicro) to look for updated firmware? Do I also need to look at
Intel? Is this either-or or a "both" situation? Of course I have no idea
how to reflash new firmware onto this motherboard -- I don't have DOS.
As you can see, planning I can do. Execution is more challenging ;)
Thanks!
>> > Y.
-derek
--
Derek Atkins 617-623-3745
derek at ihtfp.com www.ihtfp.com
Computer and Internet Security Consultant
More information about the Users
mailing list