So.... HPE notified me of a potential problem associated with Intel CPUs (as are found on ProLiant DL360 Gen9). They classified this as a HPE Security Vulnerability - TLBleed Side-Channel Information Disclosure Attack Against Intel CPUs...
After creating an Intel account and such, here I am trying to make sense of all this, and am left wondering the applicability of the "issue" outlined in the HPE notification, and the fact I am running ESXi on HPE machines?
I came to Intel looking for something I could install to mitigate the TLBleed matter, but since I am not running WIndows, Apple, or Linux, is there a "fix" to be had? Is this something I need to worry about? I've gone as far as downloading the (2019) Windows version (as I often download the Windows iLO updates and use 7zip to extract the ilo.bin file from the exe file to update iLO on my 2 DL360 Gen9 hosts). I didn't know if something similar was to be done with your IPP or, if, because I am running an OS you are not 'including' in your literature regarding this issue, does this mean the vulnerability does not apply?
Seems unlikely somehow....
I am not developing 'software' that needs 'IPP libraries' as part of software to be delivered.... I simply possess hardware that includes Intel processors on-board, and am looking to mitigate the vulnerability. HPE didn't make this very easy in terms of the information they provided me--but they provided enough for me to find myself on your site, and I found enough information there to have created an account in the hopes to find a "solution".
Assuming there is something I can download--what is it, exactly, I need to extract? Checking the Windows flavor of your IPP, I do see a couple of bin files within)--AND, more importantly, WHERE is this installed?
If HPE's "Critical Customer Bulletin" was well-intentioned, but not really applicable to me, perhaps more communication between Intel and HPE is required in the future?
Can someone from Intel advise?
Thanks in advance.
Regards,
MG