Well done digigitalocean!
On Tuesday, December 10, 2019, 03:11:40 PM EST, Team DigitalOcean <[email protected]> wrote:
Intel released a statement regarding issues with certain CPUs when running in virtualized environments. When encountered, these issues manifest with unexpected page faults. On DigitalOcean’s environment, security implications could include unpredictable system behavior on a Droplet, such as a virtual machine shutdown due to page faults. Additionally, a stale value may be used by hardware later. If left unmitigated, this vulnerability could allow malicious users to disclose information at the kernel level, or enable user level application privileges for otherwise unauthorized users.
We acted quickly to implement our mitigations, ensuring our users are not vulnerable to any attacks, and we completed our roll out of updated microcode across our platform earlier this afternoon.
The security of our platform and our users’ data is our top priority, and we’re taking every measure to ensure our customers remain secure, including keeping you informed of updates about vulnerabilities that may impact your account. For more information, you can read Intel’s statement.
Copyright © 2019 DigitalOcean
Floor 10, 101 Avenue of the Americas, New York, NY, 10013
All rights reserved.