On January 31st, IBM announced that its POWER family of processors are potentially impacted by the vulnerabilities popularly known as “Spectre” and “Meltdown”.
These vulnerabilities do not allow unauthorized external parties to gain access to a machine, but they could allow a party that has access to the system to view and manipulate data they are not normally authorized to access.
Mitigation of these vulnerabilities for Power Systems users involves installing patches to both system firmware and operating system. The firmware patch provides partial remediation to these vulnerabilities and is a pre-requisite for the operating system patch to be effective.
Beginning in early February, IBM will issue firmware patches for POWER7, POWER7+, POWER8 and POWER9 platforms. IBM i and AIX OS patches will be issued at the same time.
Consistent with previously announced end-of-service, IBM will not be releasing patches for POWER4, POWER5, or POWER6 systems and recommends migrating to a more recent generation of POWER technology.
Northdoor can advise and assist you as you roll out these high-severity security patches across your IBM POWER estate. Drawing on our extensive experience in IBM POWER platform technology, we can help you devise and implement a patching programme or, if necessary, advise you about the upgrade paths available to you.
If you would like to discuss this further, please contact me tom.richards@northdoor.co.uk