Stratus® Product Alert 3266

ftServer running Windows Server 2016 with Hyper-V role enabled should not install any Microsoft updates released after 30th April 2019 till further notice.

Sites Affected

ftServer running Windows Server 2016 with Hyper-V role enabled.
ftServer running Windows Server 2016 with Hyper-V role disabled are not impacted.

Issue

In May of 2019 Microsoft released KB4494440 and higher updates that provides protections against a new subclass of speculative execution side-channel vulnerabilities, known as Microarchitectural Data Sampling, for 64-Bit (x64) versions of Windows (CVE-2019-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130).

Stratus Quality Assurance Team have observed that after installation of Microsoft May update (KB4494440 and higher) ftServer that are running Windows Server 2016 with Hyper-V role enabled, the CPU are failing to duplex. Simplex CPU make ftServer vulnerable to single point of failure.

Action Required

ftServer running Windows Server 2016 with Hyper-V role enabled should not install any Microsoft updates released after 30th April 2019 till further notice.

Avoidance

Stratus Sustaining Engineering is actively investigating how to mitigate this situation. In the mean time ftServer running Windows Server 2016 with Hyper-V role enabled should not install any Microsoft updates released after 30th April 2019 till further notice.

Available Fixes

Stratus is working on releasing AUL version 11.2.x & 12.y that will contain fix for this problem.