Microsoft fixing the big chip bug

According to Business Insider;

The processor security flaw that has the tech world abuzz is already being fixed for Windows computers — but the fix doesn’t completely solve the problem, and right now it’s only available for those running the latest version of the operating system.

The security flaw affects Intel, AMD, and ARM processors. It’s been widely reported that fixing it could require most PCs to take a sizable performance hit.

Microsoft started to push out a patch for the vulnerability for Windows 10 computers on Wednesday afternoon. It plans to release fixes for Windows 7 and Windows 8 on Tuesday, according to The Verge.

Source: http://www.businessinsider.com/microsoft-fixes-intel-amd-security-vulnerability-2018-1

Intel’s latest Core processors have serious security flaws

Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk. Systems using ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted.

In other words, if you have any of the following Intel Processors, you may be affected.

  • 6th, 7th & 8th Generation Intel® Core™ Processor Family
  • Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
  • Intel® Xeon® Processor Scalable Family
  • Intel® Xeon® Processor W Family
  • Intel® Atom® C3000 Processor Family
  • Apollo Lake Intel® Atom Processor E3900 series
  • Apollo Lake Intel® Pentium™
  • Celeron™ N and J series Processors

For more information visit: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

Source: Intel’s latest Core processors have serious security flaws

New Network Stack

A former employer needed a completely rebuilt network stack with all new core and edge switches. What a fun weekend that was!

The Project

  • Duration – 2 Days
  • Users – 100-249
  • Devices – 100-249
  • Budget – $7k
  • Data – 10.0 TB
  • Hardware/Software
    • Active Directory
    • HP 2910al-48g
    • HP v-1910
    • WatchGuard System Manager
    • HP ProCurve 4208VL
    • WatchGuard XTM505

The Problem

WP_20140220_001_medium
Star network configuration.

A hodge-podge of consumer grade 10/100 and 1000 switches that were daisy chained over a single uplink between switches. This was implemented years ago when this multi-million dollar insurance company was around 40 users.

The Solution

Implement (on a shoestring budget) a new star network configuration with 6 edge switches configured with LACP. Each lag group will have 4Gbit throughput to the core switch. Remove routing between subnets on two different interfaces on the WatchGuard XTM 5 firewall. And increase the LAN capacity to accommodate up to 1000 hosts.

The Job

 

WP_20140220_003_big
Drobo B1200i iSCSI VLAN to Dell R905 hosts in VMware Cluster.

The existing stack will have to be completely removed and replaced. The new stack consisting of 6x HP v1910, 1x HP Procurve 4204vl and 1x HP 2910al, will be preconfigured and tested. The 2910 will be configured for 7x 4Gbit lag groups and be the core switch with a single uplink to the WatchGuard. The 6x 1910 edge switched will have 4 ports configured for 802.3ad link aggregation as the uplink to the core switch for workstations and other network devices. The Procurve will be a dedicated server switch with the same 4 port link aggregation, with the potential to be increased to 8Gbit.

 

The Details

WP_20140220_004_medium
Now there is room for air.

The WatchGuard will be reconfigured with a new networking and CIDR for a subnet mask of 255.255.252.0 to house up to 1000 hosts. DNS and DHCP on the Active Directory servers will have to be reconfigured and each server will have to be given the new settings. Because this network has a unique application that required a static IP on each workstation, I had to setup a group policy that ran a netsh script to convert each workstation to DHCP.