Davoud Teimouri

Virtualization & Datacenter

[Download]: Critical HPE Servers ROM Update – Spectre Vulnerability

Critical HPE Servers ROM Update

HPE has released ROM updates for ProLiant servers at March 2018. Those updates has been released in order to updating Intel processor microcode to the latest version.


After discovering the vulnerability at January 2018, Operating Systems updates and ROM updates have been released by OS vendors and hardware vendors to preventing security breaches.

There are three variants of this vulnerability as indicated in the table below. As indicated, all three variants require operating system updates for mitigation. Variant 2 also requires an updated microcode from the processor vendor which HPE delivers as part of the System ROM. All variants of the vulnerability require malicious software to run on the system. To reduce exposure to these vulnerabilities, HPE recommends customers vigilantly maintain security best practices and keep systems up-to-date.

 Name CVE Number OS Update Required Microcode Required 
Variant 1 Spectre CVE-2017-5753 Yes No 
Variant 2 Spectre CVE-2017-5715 Yes Yes 
Variant 3 Meltdown CVE-2017-5754 Yes No 

Read more the below link, about updated ROM and find the list of servers that those servers have available system ROM:

Bulletin: (Revision) HPE ProLiant, Moonshot and Synergy Servers – Side Channel Analysis Method Allows Improper Information Disclosure in Microprocessors (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)

2,190 total views, 1 views today

[Download]: Critical HPE Servers ROM Update – Spectre Vulnerability
5 (100%) 3 Votes

Davoud Teimouri is as a professional blogger, vExpert 2015/2016/2017/2018, VCA, MCITP. This blog is started with simple posts and now, it has large following readers.


Add a Comment
  1. Davoud – Thanks for all you do. It’s like we live in the same world – Your posts are always timely and helpful. Keep it up!

  2. Hey, thanks a lot for your work!

    Do you know whether these solutions impact server performance? What I understood is that all solutions went through a decrease in performance.

    Thanks again!

    1. I guess, new patches have impact on performance yet.

Leave a Reply

Your email address will not be published. Required fields are marked *

Teimouri.net © 2012
Read previous post:
Nakivo Backup & Replication 7.4 Beta
[Review]: Nakivo Backup & Replication 7.4 Beta for VMware, Hyper-V, and AWS

Nakivo Backup & Replication 7.4 Beta has been released for VMware, Hyper-V and Amazon WorkSpaces. The new version has lot...