Community
ProLiant Servers (ML,DL,SL)
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Spectre and Meltdown

 
jbruns2006
Occasional Contributor

‎01-06-2018 08:01 AM

‎01-06-2018 08:01 AM

Spectre and Meltdown

The world is going to want to know from HP, where the firmware and BIOS updates are that mitigate the Spectre and Meltdown exploits on 5 years plus of server models.

We need to hear from you HP and soon.

9 people had this problem.
Reply
46 REPLIES 46
parnassus
Honored Contributor

‎01-06-2018 02:40 PM

‎01-06-2018 02:40 PM

Re: Spectre and Meltdown

Why, before blindly asking, don't you look simply at HPE Community main page?

Don't you think that such important subject already deserved an entire HPE Blog entry?

Here one to start with:

https://community.hpe.com/t5/Servers-The-Right-Compute/Resources-to-help-mitigate-Speculative-Execution-vulnerability/ba-p/6992955

I'm not an HPE Employee
Kudos and Accepted Solution banner
0 Kudos
Reply
jbruns2006
Occasional Contributor

‎01-06-2018 03:01 PM

‎01-06-2018 03:01 PM

Re: Spectre and Meltdown

Thanks for the link.

So, no support for machines older than G8?

Reply
leemillward
New Member

‎01-08-2018 03:23 AM

‎01-08-2018 03:23 AM

Re: Spectre and Meltdown

We have an array of HP Proliant DL360 and 380 servers all G7 and below will these never receive the ROM updates?

Reply
JuniperChris929
Visitor

‎01-08-2018 06:19 AM

‎01-08-2018 06:19 AM

Re: Spectre and Meltdown

I don't think, that HP can afford to let the G7 and even the G6 Servers unpatched - this would be outrageous and forcing many many customers away from HP since G6 and G7 Servers are widely spread in the field out there. Also I don't think that it's legal to require an entitlement for a security issue like that - this already feels wrong...

Let's wait that HP will do once the patches came out.

Reply
Jimmy Vance
Honored Contributor

‎01-08-2018 08:56 AM

‎01-08-2018 08:56 AM

Re: Spectre and Meltdown

@JuniperChris929 wrote:

I don't think, that HP can afford to let the G7 and even the G6 Servers unpatched - this would be outrageous and forcing many many customers away from HP since G6 and G7 Servers are widely spread in the field out there. Also I don't think that it's legal to require an entitlement for a security issue like that - this already feels wrong...

Let's wait that HP will do once the patches came out.

While I dont' have answers to your G6 and G7 questions, I can state that security fixes do not require an entitlement to download. This is clearly stated in the document : HPE ProLiant Servers Firmware Access Update  This is the document normally displayed when you try to access a locked download

" “Critical” related firmware updates (addressing safety and security fixes) will be made available to all ProLiant customers outside of a warranty or support contract and are governed by "customer terms of use".

 

No support by private messages. Please ask the forum! 
Reply
Torsten.
Acclaimed Contributor

‎01-08-2018 09:01 AM

‎01-08-2018 09:01 AM

Re: Spectre and Meltdown

>> Also I don't think that it's legal to require an entitlement for a security issue like that

For all the BIOS (microcode) updates released so far you don't need an entitlement, because they are "critical".


Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
0 Kudos
Reply
Robert Hawle
Advisor

‎01-08-2018 09:25 AM

‎01-08-2018 09:25 AM

Re: Spectre and Meltdown

Hi.

i already installed Bios 2.54 on my Dl380 Gen9 and MS Patches but i still get a negative response from the "Speculation Control Validation PowerShell Script"

this is what i did:

- apply Regestry keys (QualityCompat, FeatureSettingsOverride and FeatureSettingsOverrideMask)

- install Bios 2.54

- install MS Patches (KB4056898 + KB4056568)

- reboot

seems to me as if there is someting wrong... Bios update or Script!? what is your experience?

here is the output from the script:

spectre.png

0 Kudos
Reply
JP_KIWI
Occasional Visitor

‎01-08-2018 02:50 PM - edited ‎01-08-2018 02:53 PM

‎01-08-2018 02:50 PM - edited ‎01-08-2018 02:53 PM

Re: Spectre and Meltdown

Did you try a second reboot?

I noticed during applying firmware updates to our Gen9 servers that a second reboot was required.

I believe the correct process is to do firmware first then reboot, then apply OS updates and reboot again.

I tried a couple of times to install both the firmware and OS updates at the same time and do a single reboot but it never worked, always needed the second reboot.

 

Reply
Robert Hawle
Advisor

‎01-09-2018 01:42 AM

‎01-09-2018 01:42 AM

Re: Spectre and Meltdown

n1! second reboot did the trick! thx!

 

next problem are our ESX Servers on Dl380 gen9 (latest 6.5201712101 and 6.0 201711101) also with Bios 2.54 (more times rebootet).

all VMs running telling that a Bios update is needed! (HW version 11 used Speculation Control Validation PowerShell Script)

what to do?

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.