Tuesday, January 16, 2018

Exchange Server guidance to protect against speculative execution side-channel vulnerabilities

Microsoft finally came out with guidance for Exchange Server and the recent Meltdown/Spectre patches:

https://support.microsoft.com/en-us/help/4074871/exchange-server-guidance-to-protect-against-speculative-execution-side

Looks like there is a big performance hit by enabling KVAS so those customers hosted in a public cloud are not going to be happy.  Also, look for more performance degradation once the microcode updates are released.  Be sure to test!