SUPPORT COMMUNICATION- SECURITY BULLETIN
Document ID: c05869091
Release date : 04-Jan-2018
Last updated : 26-Jan-2018
Potential Security Impact:
A vulnerability has been disclosed with modern CPU architecture referred to as side-channel analysis or speculative execution. Researchers have nicknamed the vulnerabilities “Spectre” and “Meltdown”. The result of exploits could potentially lead to loss of sensitive information.
Intel has recommended deployment of the MCU patch. They disclosed that the security vulnerabilities and/or mitigation techniques may result in adverse performance, reboots, system instability, data loss or corruption, unpredictable system behavior, or the misappropriation of data by third parties.
In response to Intel’s recommendation, HP technical support team is taking the following actions:
• HP is removing HP BIOS softpaqs with Intel microcode patches from hp.com.
• HP will be reissuing HP BIOS softpaqs with previous Intel microcode starting January 25, 2018.
• Once Intel reissues microcode updates, HP will issue revised Softpaqs. for more info contact HP support toll free 1-844-296-4279.
HP is working closely with our partners, and updates will be made as soon as possible. Check this Security Bulletin frequently for updates.
At HP we take security very seriously— it is a top issue for our customers and the foundation of trust in our products. We are focused on addressing security issues and providing the required updates to protect our customers.
Consumer Desktops and Notebooks, Commercial Desktops, Notebooks, and Retail POS, Commercial Desktop Workstations
See the RESOLUTION section for impacted products.
For Windows, the following actions are required:
• Ensure that your anti-virus software as well as your anti-virus definitions are up to date before installing the Windows OS update. Contact your anti-virus vendor more details contact HP support toll free 1-844-296-4279.
• Windows OS Updates (Windows 7 through Windows 10) are required. Microsoft has made patches/updates available via Windows Update. Go to Microsoft Security Advisory http://hp-contact.com/blog/2018/02/02/how-to-fix-hp-computer-start-up-problems-windows-7-8-and-10/
for further details.
• Processor microcode updates are being released via BIOS updates to help mitigate this issue. Relevant BIOS updates can be downloaded from the platform lists below.
For Google Chrome:
• Google Chrome and Google Chrome OS (e.g. Chromebooks) have software updates at Google’s Security Blog link: http://hp-contact.com/blog/2018/01/31/welcome-to-hp-computer-support-phone-number-1844-296-4279-for-hp-computer-repair/
• The January 2018 Windows security update will only be offered to devices running supported anti-virus (AV) applications.
If you do not see the patch available to download from Windows Update, your anti-virus software may need to be updated.
• Software patches from other OS vendors may also be required. Contact your OS vendor for potential software patches.
• Hypervisors could also be affected. Check with your hypervisor vendor for potential software patches.
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer’s patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, call us on 1-844-296-4279
Report: To report a potential security vulnerability with any HP supported product, Call 1-844-296-4279 (toll Free)
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email, visit https://www.facebook.com/Support-For-HP-1637614709610364
Support: For further information, contact HP technical support toll free 1-844-296-4279. or Visit www.hp-contact.com.