If there are any virtual machines with VM version below 8.0, you must set a specific registry value on the host operating system. These virtual machines will see the new processor capabilities after a cold boot. If all of the virtual machines on the host are VM version 8.0 or higher, then no configuration is required. This configuration is based on the VM version of the guest virtual machines. Ensure Hyper-V is configured to expose new processor capabilities to guest virtual machinesĮnsure that Hyper-V is configured to expose the new processor capabilities into guest virtual machines. Once the virtualization host's firmware has been updated, the hypervisor can make these additional capabilities available to guest virtual machines after taking the following steps. Ensure the virtualization host has been updated to firmware which contains updates for CVE-2017-5715įirmware updates from your OEM may contain new processor capabilities that can be used to protect against CVE-2017-5715 ( IBRS, STIBP, IBPB). Cve 2017 14491 zyxel firmware update how to#For details about how to enable this update, see Microsoft Knowledge Base article 4072699. Perform a cold boot of guest virtual machines.Īpply the Windows operating system update to the virtualization host.Update the guest operating system as required.Ensure Hyper-V is configured to expose new processor capabilities to guest virtual machines.Ensure the virtualization host has been updated to firmware which contains updates for CVE-2017-5715.The following steps are required to ensure that your virtual machines are protected: For general Windows Server guidance, please refer to this page. This page provides additional detail about protecting virtual machines on Hyper-V hosts from CVE-2017-5715 (branch target injection).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
February 2023
Categories |