Solved: BIOS Trickboot vulnerability upgrade in an HA clus...

bylie · ‎03-30-2022

Has anyone performed the BIOS upgrade for the PSA 5000 or 7000 platforms to mitigate the Trickboot vulnerability? Any gotcha's or things we should be aware of before planning this?

The SA states:

Question 9: We are using A/A or A/P Cluster, do we need to patch the nodes individually?
Answer: Yes, we need to patch the appliances individually in the cluster scenario (No need to break the cluster)

Does this mean that the BIOS upgrade does not follow the usual software upgrade procedure where you only have to initiate and complete the upgrade on one node after which the other node(s) will automatically receive the new software and also upgrade?

zanyterp · ‎03-30-2022

yes, that is correct. it is not something that is pushed between the nodes

View solution in original post

zanyterp · ‎03-30-2022

yes, that is correct. it is not something that is pushed between the nodes

bylie · ‎04-01-2022

Just performed the BIOS upgrade and it was indeed per cluster node.

zanyterp · ‎04-03-2022

glad to hear it worked successfully

BIOS Trickboot vulnerability upgrade in an HA cluster

BIOS Trickboot vulnerability upgrade in an HA cluster

Re: BIOS Trickboot vulnerability upgrade in an HA cluster

Re: BIOS Trickboot vulnerability upgrade in an HA cluster

Re: BIOS Trickboot vulnerability upgrade in an HA cluster

Re: BIOS Trickboot vulnerability upgrade in an HA cluster