Issue

Background:

In December 2017 information about two vulnerabilities in modern processors were published. These exploits are often referred to as Meltdown and Spectre. A large proportion of current IT-products are potentially affected – including systems with Intel-based processors. In order to use the exploit, an attacker needs to execute malicious code on the target system. For this reason, it is advised to protect systems from unauthorized access (e.g. by using a strong password policy). In addition, potentially affected systems should be patched with the latest security updates, in order to reduce the attack surface.


Solution

Please note the provided solution guidance for the products as follows:


DIVAR IP 2000, DIVAR IP 5000 and VIDEOJET decoder 8000

Firmware updates will be published shortly. Download links will be published in the product catalogue and on the Bosch Security Systems DownloadStore:

https://downloadstore.boschsecurity.com/


DIVAR IP 3000

  • press CTRL+ALT+DEL, then hold down SHIFT while clicking the Switch User option and keep SHIFT pressed for about five seconds.
  • Log in using the BVRAdmin account
  • Enable Windows Update in the Control Panel and install latest Updates (preferred)
  • Note: it may be required to enable the Windows Update service under services first
  • Alternatively, patch KB4056897 can be downloaded and installed on the system

http://download.windowsupdate.com/d/msdownload/update/software/secu/2018/01/windows6.1-kb4056897-x64_2af35062f69ce80c4cd6eef030eda31ca5c109ed.msu


DIVAR IP 6000 (current generation DIP-61x)

  • Log in using the BVRAdmin account
  • Enable Windows Update in the Control Panel and install latest Updates (preferred)
  • Alternatively, patch KB4056898 can be downloaded and installed on the system

http://download.windowsupdate.com/c/msdownload/update/software/secu/2018/01/windows8.1-kb4056898-v2-x64_754f420c1d505f4666437d06ac97175109631bf2.msu


DIVAR IP 7000 (current generation DIP-71x)

  • press CTRL+ALT+DEL, then hold down SHIFT while clicking the Switch User option and keep SHIFT pressed for about five seconds.
  • Log in using the BVRAdmin account
  • Enable Windows Update in the Control Panel and install latest Updates (preferred)
  • Alternatively, patch KB4056898 can be downloaded and installed on the system

http://download.windowsupdate.com/c/msdownload/update/software/secu/2018/01/windows8.1-kb4056898-v2-x64_754f420c1d505f4666437d06ac97175109631bf2.msu


HP Workstations, HP Servers and PC-based products which are already end-of-life

  • Log in using the administrative account
  • Enable Windows Update in the Control Panel and install latest Updates (preferred)
  • Or download and install the matching patch from Microsoft:

Windows 7 or Window (Storage) Server 2008 R2

https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056897

Windows 8.1 or Window (Storage) Server 2012 R2

https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056898

Windows 10

https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056891


All Windows-Security-Patches for the risk of Meltdown and Spectre are now available:

Microsoft security patches to fix Meltdown / Spectre problem


Additional Microsoft Patches to ensure compatibility with Rexroth IndraWorks

designation
publised

affected Windows version


designation

KB4056888

Jan 3 2018

Windows 10 Version 1511 (OS Build 10586.1356)

KB4075200*

KB4056890

Jan 3 2018

Windows 10 Version 1607
Windows Server 2016
Windows 10 Mobile (OS Build 14393.2007)

KB4057142*

KB4056891

Jan 3 2018

Windows 10 Version 1703
(OS Build 15063.850)

KB4057144*

KB4056892

Jan 3 2018

Windows 10 version 1709 (OS Build 16299.192)

KB4073291 (for 32-Bit System)

KB4073290 (für 64-Bit System)

KB4056893

Jan 3 2018

Windows 10 Enterprise (OS Build 10240.17738)

KB4075199*

KB4056896

Jan 4 2018

Windows Server 2012 Standard

KB4057402*

KB4056895

Jan 8 2018

Windows 8.1, Windows Server 2012 R2 Standard

KB4057401*

KB4056898

Jan 3 2018

Windows 8.1, Windows Server 2012 R2 Standard

KB4057401*

KB4056897

Jan 3 2018

Windows Server 2008 R2 Service Pack 1
Windows 7 Service Pack 1

not required
Windows 7 not affected

Note: the relevant Windows version can be identified with the commands "ver" or "winver" entered at the Windows command line.


* You find a download file for Windows 10 32-bit-system — marked as X86 in the filename — and for Windows 10 64-bit-system mared with X64 in the file name.
We recommend to regularly check the information pages on Meltdown and Spectre [2] for the availability of recent bug-fix solutions for the Known Issue (CoInitializeSecurity ) [1].
Sources:
[1]https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892 (see also "Known Issues",CoInitializeSecurity)
[2]https://meltdownattack.com/


Notes

This article will be updated if additional patches or guidelines are published by the CPU or OS vendor. First tests indicated that patched systems still operate within the given specification – despite potential performance impacts related to the listed security patches.