News

 

Field Alert – “Meltdown” and “Spectre” processor vulnerabilities

 

Dear Verint customer,

 

This field alert is an update to the previous alert on the Meltdown” and “Spectre” processor vulnerabilities, as published on January 18th.

 

Our guidance up to this point was to hold off on patching of all serves running the Verint WFO suite until the majority of 3rd party vendor patching is released and Verint engineering completes the assessment of functional and performance impact.  As of now, the majority of patches for OS, CPU and hypervisors are available. Vendors continue to provide fixes to related issues, while some of the previous patches where retracted because of new problems they introduced. The latter is part of why the certification process progresses slowly.

 

As a first priority our performance tests focused on the recording platforms. The tests conducted by Verint engineering show that CPU utilization of recorder platforms, post patching the vulnerabilities, is higher, compared to similar tests prior to patching. The impact is less than 20% of CPU utilization and was registered on all tested CPU types from the list recommended and supported by Verint.

 

The following 3rd party patches where certified as part of our recording performance tests:

 

  • Bare metal deployment:

Taking into account the working profiles of the recorder server and current capacity guidance of 20% CPU utilization growth will not impact recorder capabilities. It is safe to apply the patches on the recorders running on bare metal servers (non-virtualized deployment). The guidance is applicable for all currently supported  versions.

 

  • Virtualized deployment:

Testing on VMWare environments show similar affect to the CPU utilization of the recorders.  Properly sized, reserved recorders on VMWare hosts, with no over-provisioning should not experience any issues.  Patching of these servers is safe and the same recommendation to monitor performance as for bare metal deployment applies. 

 

IMPORTANT:  As the impact on performance may vary depending on the underlying hardware and CPU, Verint strongly recommends monitoring the recording server operation after patch application and have a rollback scenario ready at all times if problems arise.

 

 

 

  • As a next step we are proceeding to performance test additional components we identified as risk areas.
  • Verint keeps  monitoring any developments related to those vulnerabilities, such as new patches, updated patches and other findings reported by 3rd party vendors.

 

 

More updates to follow next week.

Affected Product Versions

Windows 2008 R2, Windows 2012 R2 server

 

References

CVE-2017-5715

CVSS 5.6 (Medium)

CVE-2017-5754

CVSS 5.6 (Medium)

CVE-2017-5753

CVSS 5.6 (Medium)

 


Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments: