Environment
PlateSpin Forge
PlateSpin Protect
Situation
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers.
Resolution
PlateSpin Migrate:
We advise that customers install all recommended patches on the Microsoft Windows Server hosting the PlateSpin Migration Server.
PlateSpin Protect:
We advise that customers install all recommended patches on the Microsoft Windows Server hosting the PlateSpin Protect Server.
PlateSpin Forge:
1. We advise that customers install all recommended patches on the VMware ESXi server running on the Forge appliance, and on the Microsoft Windows Server hosting the PlateSpin Forge Server.
2. Furthermore we advise that customers upgrade their appliance BIOS according to the specifications listed by Dell here: http://www.dell.com/support/article/jp/ja/jpbsd1/sln308588/microprocessor-side-channel-vulnerabilities-cve-2017-5715-cve-2017-5753-cve-2017-5754-impact-on-dell-emc-products-dell-enterprise-servers-storage-and-networking-?lang=en