Flagship Solutions Group has been reviewing the recent patches provided by IBM for the Spectre/Meltdown issues and we are working on testing them in our lab. Our policy has always been to wait until a firmware update or patch has been out for at least 8 weeks before we recommend installing it. This provides time to allow the patches to be tested and for any new issues to be discovered and resolved.
At this point we are treating these patches in the same manner. For each of our clients, we are putting together a tailored plan to update to the latest HMC and VIO server levels in addition to the firmware levels just prior to the Spectre/Meltdown patch. This will make it easier to implement the patch once everyone is comfortable with it. The plan will also involve putting on other security fixes to deal with Java, SSL, SSH and other known security issues.
Once everything is up to date, we will then be able to better evaluate the Spectre/Meltdown fixes and will provide an updated plan for those. If you would like to implement those patches more rapidly than 8 weeks after release, please contact your Flagship representative or send an email to sales@flagshipsg.com.
IBM is providing patches for POWER7 servers and higher. If you have POWER6 or earlier servers we would be happy to discuss options with you.
More information on IBM and Spectre/Meltdown can be found at the IBM Blog at:
https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/
Stay connected online: