Esri have announced today that the recently released Microsoft patches for the widely reported Meltdown and Spectre vulnerabilities are causing significant problems for all versions of ArcGIS Server running on Windows Server 2008 R2 or Windows 7. Later versions of Windows Server appear to be unaffected.
Esri have published the following technical article relating to this issue: https://support.esri.com/en/Technical-Article/000017464
Esri is currently investigating the issue with Microsoft.
Esri will provide patches for all supported version of ArcGIS Server including: 10.3, 10.3.1, 10.4, 10.4.1, 10.5, 10.5.1, and 10.6, as well as 10.2.1 and 10.2.2.
No delivery date for the patches is available at this time, however Esri’s development team is working on this with the highest urgency.
In the interim please do not apply the Windows patches listed in the technical article to any Windows Server 2008 R2 server running ArcGIS Server. If these Windows patches have been applied then these will have to be uninstalled.
Please follow Esri’s Security Standards & Architecture Team for the most up-to-date information.
A blog outlining Meltdown and Spectre Processor Vulnerabilities includes Esri’s recommendations for ArcGIS deployments and provides a number of references for vulnerability and vendor specific notices.