We are performing emergency security update to our VMware platforms
|Site:||All Cloud Sites and Customer Private Clouds|
|Date:||Wed 22 Aug – Fri 24 Aug|
|Time:||Between 0900 and 1730 BST|
|Works:||L1 Terminal Fault Security Patching|
We are applying security patching to mitigate the risks around the recently announced L1 Terminal Fault Speculative Execution vulnerability to our VMware platforms.
The first stage requires security updates applied to the hosts running virtual machines. A second stage will follow requiring additional configuration to enable enhanced mitigation.
This should be considered “At-Risk” only. Customer virtual machines should continue to run without impact and the VPC Portal will remain available.
This is a newly discovered vulnerability in the same family as the Spectre and Meltdown vulnerabilities. As with the previous cases, this is a vulnerability in the CPU architecture and Intel, VMware and vendors have provided patches that work around the risks.
The vulnerability, while difficult to exploit, can lead a malicious program being able to access data in the CPU’s L1 cache. As such we are applying the security patches under emergency maintenance windows to ensure our customer workloads continue to enjoy the high levels of protection and isolation in our Cloud environments.