Important Notice

Important announcement to customers who are using Pro-face Industrial PC products and Smart portal SP5000 Series Open BOX module

Description of the Issue

Desktop, laptop, and virtual computers could be affected by the MDS vulnerability.

Please refer to Intel's MDS table in the Deep Dive: CPUID Enumeration and Architectural MSRs (link is external) for a list of Intel processors that might be affected by MDS. Proof of concept exploit code has already been made public by the researchers who discovered this issue.

CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2019-11091 are the official vulnerability references for the MDS vulnerabilities.

Products Affected

Smart Portal

Industrial Personal Computer (IPC)

Recommended Mitigations

Please note that as of the date of this publication, it is unclear whether the initial mitigations proposed by Intel will affect systems performance. Therefore, we recommend proceeding with caution if customers decide to apply patches to critical and/or performance-constrained systems. If customers elect to apply recommended patches and/or mitigations, we strongly recommend evaluating the impact of those measures in a Test and Development environment or on an offline infrastructure.

Pro-face continues to monitor and track vendor research into this vulnerability to determine appropriate actions to be taken. We advise customers to refer immediately to Intel’s Security Center webpage for further information and guidance:

• Microarchitectural Data Sampling Advisory
• Deep Dive: Intel Analysis of Microarchitectural Data Sampling

More References:

• ZombieLoad Attack website
• U.S. Department of Homeland Security bulletin

Questions

If you have any questions, please contact Technical Support.