Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED Update /usr/sbin/intel-microcode2ucode: FAILED

Discussion in 'Security' started by uk01, Sep 13, 2018.

  1. uk01

    uk01 Well-Known Member

    Joined:
    Dec 31, 2009
    Messages:
    173
    Likes Received:
    17
    Trophy Points:
    68
    Hi, I don't normally worry about file changes straight after an update but thought I'd check this one due to the severity of the Intel vulnerabilities.

    Has the cpanel update this morning changed this file?

    Time: Fri Sep 14 02:00:18 2018 +0100

    The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way. This could be a result of an OS update or application upgrade. If the change is unexpected it should be investigated:

    /usr/sbin/intel-microcode2ucode: FAILED
    /sbin/intel-microcode2ucode: FAILED
     
  2. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,920
    Likes Received:
    167
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    There was a microcode update released today for CentOS 6 and CentOS 7.
     
  3. uk01

    uk01 Well-Known Member

    Joined:
    Dec 31, 2009
    Messages:
    173
    Likes Received:
    17
    Trophy Points:
    68
    Thanks for confirming, much appreciated. At least this thread is here for anyone else searching now :)
     
  4. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,254
    Likes Received:
    479
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Thanks for the details on that @sparek-3

    @uk01 this really isn't a file cPanel would touch normally as well in the event there is a question about it in the future.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. uk01

    uk01 Well-Known Member

    Joined:
    Dec 31, 2009
    Messages:
    173
    Likes Received:
    17
    Trophy Points:
    68
    Thanks Lauren I guess on this occasion you did touch/change it to ensure all cpanel servers were updated on the os level.
    (Aswell as the hypervisor in our case)
     
  6. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,920
    Likes Received:
    167
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    You probably have Operating System Package Updates set to automatic.

    I don't really like automatic updates for this very reason... you never know if a file change is due to an update or due to something else.

    But on the flip side, if people don't have automatic updates enabled... then they will never update.

    So it's a rock and a hard place.

    Me personally, I have automatic updates disabled and I get a report every morning telling me what packages have updates... but I also fancy myself an experienced server administrator... so...
     
    cPanelLauren and rpvw like this.
  7. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    1,088
    Likes Received:
    442
    Trophy Points:
    113
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    @uk01

    The email you received is sent by CSF and is as a result of the System Integrity Checking being enabled.

    The microcode was updated on your server by upcp calling yum as part of its update and upgrade routines. Yum then gets system and kernel updates from the relevant CentOS or Cloudlinux or whoever, repos that you have configured.

    This particular update was issued by CentOS (may then have been provided by whoever supplies your kernel and system files - everything that is NOT cPanel), so not touched directly by cPanel - but rather installed as part of the many routines that upcp performs.

    Hope this helps understand a bit more how the updates/upgrades work :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    cPanelLauren likes this.
  8. uk01

    uk01 Well-Known Member

    Joined:
    Dec 31, 2009
    Messages:
    173
    Likes Received:
    17
    Trophy Points:
    68
    Thanks both, yes totally clear on that.
    I thought it was part of cPanel’s updates due to the time and we often get alerts after the updates.
    Just this one relates to the microcode so thought I’d double check.

    I like things to be kept as up to date as possible.
    We run yum manually as we have to ensure r1soft keep up first!

    We adopted the VMware mitigation’s early too, turning off hyperthreading was a hit, however with other updates it seems to have calmed down a lot now.

    Thanks again for confirmation from fellow experts
     
  9. rpvw

    rpvw Well-Known Member

    Joined:
    Jul 18, 2013
    Messages:
    1,088
    Likes Received:
    442
    Trophy Points:
    113
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    An excellent starting resource to see who's doing what, where and with whom, is the 74 Release Notes - Version 74 Documentation - cPanel Documentation

    And look for the links that open the
    and the
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,920
    Likes Received:
    167
    Trophy Points:
    343
    cPanel Access Level:
    Root Administrator
    Another good source is the CentOS announcement mailing list:

    https://lists.centos.org/mailman/listinfo

    They will post when a package update gets published (and it will get delivered to you... sometime... such is the life of mailing lists these days).

    Of course, if you are using RHEL then you would need to subscribe to the RHEL counterpart. You're probably using CentOS unless you paid for RHEL, but the same package updates come down from RHEL to CentOS, so it's possible that you are using RHEL.
     
  11. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    6,254
    Likes Received:
    479
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Thanks for all the clarification @sparek-3 and @rpvw you guys are dead on.

    @uk01 I'm glad we could help you get some relief at the very least! I'll go ahead and mark this issue as resolved now.

    Thanks, everyone!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice