Posted on 4.1.2018

Information regarding the Intel CPU vulnerabilities (Meltdown)

Intel CPU vulnerabilities uncovered

Yesterday, on January 3rd, 2018, Intel confirmed information regarding independent research findings that have uncovered security vulnerabilities in their processors. Further research has shown that this affects all modern processors, including models used by UpCloud and other cloud service providers. The CPU vulnerabilities may allow an attacker to escape the confinement of the Virtual Machine guest operating system’s memory and allow attackers to gather sensitive data from the underlying computing device.

Since a key component in virtualized environments is the ability to isolate access to the guest operating systems only, patching this vulnerability is of major importance. Our engineers have been actively investigating and researching the vulnerability since it was discovered.

We have been preparing to roll-out global security updates at an accelerated pace to our underlying cloud infrastructure environment in the coming days. The emergency maintenance window will be further communicated on our status page. (Please subscribe to the status page to receive notifications of future updates!)

These updates will, unfortunately, affect a portion of our users’ cloud servers in the manner of scheduled reboots, but we aim to resolve this as seamless and disruption-free as possible for all our users.

In the meantime, we recommend all users to often and regularly check for security updates to their cloud servers operating system and install any recommended updates. And should you have any further questions, please don’t hesitate to contact our support staff.

Further reading:

Jonathan Gabor

Discussion

Join discussion

  1. Information regarding Foreshadow, the Intel L1 Terminal Fault vulnerability - UpCloud

    […] to the Spectre and Meltdown vulnerabilities, users should also upgrade the operating systems on their cloud servers as the fixes become […]

Leave a Reply

Your email address will not be published. Required fields are marked *

See also

See all posts

ZombieLoad, RIDL, and Fallout – Microarchitectural Data Sampling vulnerabilities

Intel published this Tuesday on 14th of May a new class of vulnerabilities which are related to the already year-old speculative execution attacks. The newly-disclosed Microarchitectural Data Sampling (MDS) hardware vulnerabilities were found independently by multiple teams and are affecting most modern Intel CPUs. Microarchitectural Data Sampling (MDS) vulnerabilities Currently reported vulnerabilities called ZombieLoad, RIDL, […]

Announcements

New Intel CPU vulnerability GDS/Downfall

On August 8, 2023, Intel published a new security vulnerability that exploits Gather Data Sampling (GDS). Named Downfall by its discoverer, it impacts multiple generations of Intel processors used in both personal and cloud computers. Downfall is a transient execution side-channel vulnerability that targets a critical weakness found in many modern Intel processor models. Following the […]

Announcements

Information regarding Foreshadow, the Intel L1 Terminal Fault vulnerability

Intel recently shared information about a newly identified vulnerability in their processors. It concerns a speculative execution side-channel method that Intel calls L1 Terminal Fault or L1TF for short. The vulnerability was discovered by two independent groups of researchers who have titled it Foreshadow. L1TF aka Foreshadow The Foreshadow vulnerability (CVE-2018-3615) is an exploit on the speculative execution […]

Announcements

Back to top