On Wednesday, January 3, researchers from Google announced a security vulnerability impacting all microprocessors, including processors in the IBM POWER family.

This vulnerability doesn’t allow an external unauthorised party to gain access to a machine, but it could allow a party that has access to the system to access unauthorised data.

If this vulnerability poses a risk to your environment, the first line of defense is the firewalls and security tools that most organizations already have in place. Complete mitigation of this vulnerability for Power Systems clients involves installing patches to both system firmware and operating systems. The firmware patch provides partial remediation to this vulnerability and is a pre-requisite for the OS patch to be effective. These will be available as follows:

  • Firmware patches for POWER7+, POWER8 and POWER9 platforms will be available on January 9. IBM will provide further communication on supported generations prior to POWER7+,  including firmware patches and availability.
  • Linux operating systems patches will start to become available on January 9.  AIX and i operating system patches will start to become available February 12. Information will be available via PSIRT.

Clients should review these patches in the context of their datacenter environment and standard evaluation practices to determine if they should be applied.

If you have any questions or need assistance installing patches to system firmware and operating systems, Applied Technologies are here to help. Contact your account manager or visit our IBM page.


TwitterFacebookLinkedInGoogle+EmailShare

Recent article:
Riverbed – FREE Proof of Concept

Riverbed’s WAN Optimisation products improve and accelerate application performance, allowing a distributed workforce to collaborate in real-time. But don’t take our word for it. Arrange a free proof of concept today to see the dramatic improvements possible. With LAN-like access to data and applications, Riverbed’s SteelHead will optimise your infrastructure and streamline your operations, all whilst […]

Recent article:
Oracle licensing tactics – be warned!!

A couple of interesting articles from Computer Weekly highlighting how Oracle’s lack of transparency and aggressive sales practices could be costing your company money. Applied Technologies recommend TIBERO as an alternative to Oracle, offering considerably lower licensing and maintenance costs. Read this article for more information and to see the Computer Weekly articles.

Recent article:
VDI without the use of a server?

Virtualization of the desktop simplified further with the use of client-side virtualization.