Epicor Eclipse is aware of the Meltdown-Spector vulnerabilities affecting many modern microprocessors from Intel, AMD, POWER and ARM chips that could allow hackers to access a computer’s memory and steal passwords, encryption keys and other private information from open applications.
Because it’s a vulnerability in the CPU hardware implementations, not a bug in the Eclipse application program, there is no “patch” from Eclipse.
We recommend that customers to check with their hardware and Operating System (OS) vendors for applicable patches as the solution for Meltdown and Spectre.
Apply the firmware update via BIOS update
Apply the operating system (RHEL, Windows and AIX) patch
Apply hypervisor patches where applicable
Recommended Customer Actions
We recommend that customers to open a service request with Eclipse Systems support team and deploy patches on their platform and underlying infrastructure on a mutually agreed schedule.
Q: Will these fixes slow down my server?
A: Yes, there is performance impact caused by additional overhead required for security hardening, but the actual performance degradation that customers see may vary considerably based on the nature of their workload, hardware configuration and system constraints.
Q: Can I disable these fixes?
A: Yes, you can disable the kernel patches if you fell confident that your systems are well protected by other means. Please see this article from Red Hat for a step by step instructions.
Warning: As always, please exercise caution when performing system maintenance, especially when initiating processes that can potentially delete data.
To remove a Linux Eterm user using the GUI:
System -> Administration -> Users and Groups
Select the user from the list
Select the Delete button
Verify that the dialog box says “I won’t delete username’s home directory (‘/u2/eclipse’)” before selecting Yes to proceed
Warning: if prompted to remove the shared home directory as shown in the dialog box below, uncheck the box before clicking Yes. Failure to do so will result in the removal of the entire Eclipse database directory (/u2/eclipse).
For your convenience, here is a screencast that covers the entire process for locking or removing a user:
If you prefer to use the command line, please see this page for instructions.
Warning: As always, please exercise caution and follow best practices when performing system maintenance, especially when initiating processes that can potentially delete data.
Easy Procedure: Remove a User (Recommended)
Log into your server as root
Remove the user (where username is the user you wish to remove):
If you prefer the graphical interface, you may perform the same function via the GUI.
Advanced Procedure: Remove a User and Home Directory
The above command does not remove the user’s home directory, because it often contains important database files. If you would like to remove both a user and their home directory, you must first verify that your users are not configured to use the database directory as their home directory:
Log into the server as root
Verify the user’s home directory (where username is the user whose home directory you are checking):
If the output displays /u2/eclipse or anything other than /home/username, do not continue. This user’s home directory is the shared database directory. You must use the procedure above to remove only the user. Contact Eclipse Support with any questions.
If the output displays /home/username, you may proceed with the procedure and remove the user and their home directory: