IBM hat eine Technote zur Reduzierung der „Meltdown and Spectre security vulnerability“ veröffentlicht.
Info aus der IBM Technote:
What steps should you take to help protect against Meltdown and Spectre vulnerabilities for IBM Notes client or IBM Domino server?
Meltdown and Spectre, the CPU vulnerabilities announced in early January, could impact any software running on top of a machine or device that is exposed. This includes a Domino server and Notes client. To implement effective protections against these vulnerabilities, IBM guidance to customers:
- Follow the recommendation of your hardware vendors to install the latest chip or firmware changes
- Follow the recommendation of your operating system vendor to install latest updates
- Keep your anti-virus scanner up-to-date
- Because Meltdown and Spectre attacks are likely to come in the form of untrusted code, configure your Agent Security, Domino Server Programmability Restrictions and Notes Execution Control Lists to prevent the execution of untrusted or unsigned code in your Notes and Domino deployment.
In der IBM Technote Notes/Domino guidance to mitigate Meltdown and Spectre security vulnerability wird empfohlen, die folgenden Einstellungen beim Domino Server und Notes Client zu überprüfen und anzupassen.
- Security for agents on server and the web
- Domino Server Document – Security Tab paying particular attention to Programmability Restrictions
- Administering Notes Execution Control Lists
- IBM Domino Server (HTTP) gegen ROBOT-Attack absichern
- IBM Notes/Domino 9.0.1 Feature Pack 10 Preliminary Release Notice
- Is Java 9 Supported on IBM Notes 64-bit Client for Mac?