News & Events
Wiwynn Statement on CPU Hardware Vulnerable to Side-channel Attacks
Wiwynn has been notified about an industry-wide potential security issue, a new side-channel analysis method referred to as Meltdown and Spectre. Both of them take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a Side-channel. The issues are organized into three variants:
- Variant 1 (CVE-2017-5753, Spectre): Bounds check bypass
- Variant 2 (CVE-2017-5715, also Spectre): Branch target injection
- Variant 3 (CVE-2017-5754, Meltdown): Rogue data cache load
The security vulnerabilities affected Wiwynn’s Intel-based servers. Mitigation and resolution may call for both an operating system and a firmware update. Wiwynn have been working closely with Intel for the appropriate mitigations and had made BIOS with update microcode available for SV300G3, SV7200G3, SV5100G3 and SV5200G3. More updates will continue to roll out over the next few weeks. Customers can contact Techsupport@wiwynn.com for updated firmware, schedule and further supports.
In the meantime, we highly recommend customers also consult with operating system vendors for OS upgrade and allocate resources for required validation.
External references for more details:
Back to List