HP has released key System ROMs for their Proliant Gen10 servers to mitigate Variant 2 vulnerabilities for Spectre. See the release notes HERE
Explanation of different Variants of the Spectre/Meltdown Vulnerabilities from HP’s article (Release Microcode pertains to Variant 2):
There are three variants to the issue. Variant 1 (CVE-2017-5753) and Variant 2 (CVE-2017-5715) are also referred to as Spectre. Variant 1 requires only an OS update.
Variant 2 requires both an OS update and a new microcode which is included in an updated System ROM.
Variant 3 (CVE-2017-5754) is also referred to as Meltdown and only requires an OS update. All three variants of the attack require malicious software running on the system. To reduce exposure to these vulnerabilities, HPE recommends customers vigilantly maintain security best practices and keep systems up to date.
Update (02/20/2018) -Intel has now granted production status to an updated microcode for Skylake-SP processors used on HPE ProLiant and Synergy Gen10 servers. System ROMs are now available from HPE that include this updated microcode.
Here’s to hoping for better results this time around. If you have any results to report, please leave your comments below or at @VirtuallyAware.