none
이번 인텔CPU 보안취약점 관련 RRS feed

  • 질문

  • 안녕하세요

    windows server 2012 사용중이구요

    이번 "speculative execution side-channel attacks" 보안취약점 관련해서 

    테크넷 공지에서 보면

    [공지] Windows Server Guidance to protect against the speculative execution side-channel vulnerabilities 

    https://social.technet.microsoft.com/Forums/ko-KR/b25a1860-9207-4f4e-ad6e-4ea1fed4e80b/-windows-server-guidance-to-protect-against-the-speculative-execution-sidechannel?forum=windowsserverko

    Operating System Version / Update KB
    Windows Server, version 1709 (Server Core Installation) / 4056892("https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892")
    Windows Server 2016 / 4056890("https://support.microsoft.com/en-us/help/4056890/windows-10-update-kb4056890")
    Windows Server 2012 R2 / 4056898("https://support.microsoft.com/en-us/help/4056898/windows-81-update-kb4056898")
    Windows Server 2012 / Not available
    Windows Server 2008 R2 / 4056897("https://support.microsoft.com/en-us/help/4056897/windows-7-update-kb4056897")
    Windows Server 2008 / Not available

    해서 Windows Server 2012는 제공을 안한다고 나와있는데요...

    근데 또 Microsoft Security Advisory ADV180002 문서 Affected Products 부분을 보면 

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

    제품 : Windows Server 2012에 article : 4056899로 확인이 가능하고 Microsoft update 카탈로그에서 찾아보면 
    2018-01월, x64 기반 시스템용 Windows Server 2012에 대한 보안 전용 품질 업데이트(KB4056899)
    19.6MB로 패치파일 제공을 해주는데 이 패치파일이 아닌건가요??

    만약 패치가 지원이 안된다면

    2012r2로 올리기도 애매하고 난감하네요..


    • 편집됨 harrylim 2018년 1월 5일 금요일 오전 6:24
    2018년 1월 5일 금요일 오전 6:22

답변

  • 안녕하세요?

    1. 1월 5일부로 하기 문서에서 Affected Products에 Windows 2012는 제거 되었으며

    [참고 절]

    Version Date Description
    3.0 01/05/2018 The following updates have been made:  Revised the Affected Products table to include Windows 10 Version 1709 for x64-based Systems because the update provides mitigations for ADV180002. Corrected the security update numbers for the 2016 and 2017 SQL Server Cumulative Updates. Removed Windows Server 2012 and Windows Server 2012 (Server Core installation) from the Affected Products table because there are no mitigations available for ADV180002 for these products. Revised the Affected Products table to include Monthly Rollup updates for Windows 7 and Windows Server 2008 R2. Customers who install monthly rollups should install these updates to receive the mitigations against the vulnerabilities discussed in this advisory. In the Recommended Actions section, added information for Surface customers. Added an FAQ to explain why Windows Server 2008 and Windows Server 2012 will not receive mitigations for these vulnerabilities. Added an FAQ to explain the protection against these vulnerabilties for customers using x86 architecture.

    [참고자료]

    ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

    2. 사유는 고객님이 이미 참고하셨던 내용과 동일한 것으로 보여집니다.

    [참고 절]

    6. Why aren't Windows Server 2008 and Windows Server 2012 platforms getting an update? When can customers expect the fix?

    Addressing a hardware vulnerability with a software update presents significant challenges with some operating systems requiring extensive architectural changes. Microsoft continues to work with affected chip manufacturers and investigate the best way to provide mitigations

    [참고자료]

    ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

    감사합니다.

    • 답변으로 표시됨 harrylim 2018년 1월 9일 화요일 오전 12:41
    2018년 1월 8일 월요일 오전 12:46
    중재자

모든 응답

  •  안녕하세요?

    1. 하기 자료는 2018년 1월 5일자로 업데이트 자료로  Windows Server 2012 용도로 발표된 것으로 보여지며

    [참고자료]

    January 3, 2018—KB4056899 (Security-only update)

    https://support.microsoft.com/en-gb/help/4056899/windows-sever-2012-update-kb4056899

    2. 하기 사이트를 통해 다운로드 후 설치해 보시기 바랍니다.

    https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056899

    3. 자세한 추가적인 사항은 확인 후 업데이트 드리도록 하겠습니다.

    감사합니다.

    2018년 1월 5일 금요일 오전 7:48
    중재자
  • 답변감사합니다.

    오늘 다시확인해보니 갑자기 2012관련해서 패치가이드 나왔던 내용이 없어졌네요??

    revisions쪽에 보면 3.0버전으로해서 

    Removed Windows Server 2012 and Windows Server 2012 (Server Core installation) from the Affected Products table because there are no mitigations available for ADV180002 for these products. 

    라고 가이드해주는데... KB4056899 패치로는 해당안돼서 빼버린건지요.. 궁금하네요

    2018년 1월 8일 월요일 오전 12:43
  • 안녕하세요?

    1. 1월 5일부로 하기 문서에서 Affected Products에 Windows 2012는 제거 되었으며

    [참고 절]

    Version Date Description
    3.0 01/05/2018 The following updates have been made:  Revised the Affected Products table to include Windows 10 Version 1709 for x64-based Systems because the update provides mitigations for ADV180002. Corrected the security update numbers for the 2016 and 2017 SQL Server Cumulative Updates. Removed Windows Server 2012 and Windows Server 2012 (Server Core installation) from the Affected Products table because there are no mitigations available for ADV180002 for these products. Revised the Affected Products table to include Monthly Rollup updates for Windows 7 and Windows Server 2008 R2. Customers who install monthly rollups should install these updates to receive the mitigations against the vulnerabilities discussed in this advisory. In the Recommended Actions section, added information for Surface customers. Added an FAQ to explain why Windows Server 2008 and Windows Server 2012 will not receive mitigations for these vulnerabilities. Added an FAQ to explain the protection against these vulnerabilties for customers using x86 architecture.

    [참고자료]

    ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

    2. 사유는 고객님이 이미 참고하셨던 내용과 동일한 것으로 보여집니다.

    [참고 절]

    6. Why aren't Windows Server 2008 and Windows Server 2012 platforms getting an update? When can customers expect the fix?

    Addressing a hardware vulnerability with a software update presents significant challenges with some operating systems requiring extensive architectural changes. Microsoft continues to work with affected chip manufacturers and investigate the best way to provide mitigations

    [참고자료]

    ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

    감사합니다.

    • 답변으로 표시됨 harrylim 2018년 1월 9일 화요일 오전 12:41
    2018년 1월 8일 월요일 오전 12:46
    중재자