Updated info about "Meltdown" and "Spectre" vulnerabilities

10 Jan 2018

BIOS configuration

  • Disable PXE boot
  • Disable boot from USB devices
  • Protect BIOS settings with a BIOS password

eLux configuration

  • Prevent access to eLux Control Panel tabs Configuration and Setup
  • Prevent misuse of the thin client by password protection (Active directory password or application password)
  • Prevent random access on applications (No local application XTERM, local Firefox browser in kiosk mode only)
  • Prevent random access to internet sites in case of usage of a local web browser (Firefox, Chromium)
  • Disable local mount of USB mass storage devices, allow USB redirection only

eLux firmware update

  • Use only eLux packages with valid signatures to update the firmware image of the thin clients
  • Activate signature check for IDF and eLux packages before firmware update

Scout Enterprise administration

  • Supervise or restrict the use of User-defined commands and client mirroring in case of multiple Scout Enterprise administrators