I just updated our Scientific Linux systems, which means the RHEL updates are out too, and presumably CentOS updates are too or will be shortly. These updates included firmware/microcode packages, which I'm assuming are loaded on reboot as well. Some of the reports I read suggested that you'd need to reflash your BIOS/UEFI firmware once the PC manufacturers release these updates. Are those reports in error, confusing the two types of firmware, or are we going to have to hunt down PC or mobo-specific firmware updates for this whole debacle too?
On 2018-01-04 17:00, Trevor Cordes wrote:
FYI, Fedora has just released the latest kernel that has initial mitigation for Meltdown. I'm sure other distros are doing likewise. It'll be interesting to see the performance hits we all take on this. Of course you'll have to reboot for the update to take effect. I suspect we'll see rapidfire releases of kernels for the next few weeks...
P.S. Alan Cox has stated that the Spectre-type flaw (I think) could be triggered with a JS attack, causing the browser to leak sensitive data outside the sandbox to malicious JS / websites. Proving once again we all need NoScript or equivalent.