As you may already be aware, a critical security flaw affecting Intel CPUs has been gaining traction in security research circles over the past several days.
While the full details of the security issue are still restricted and there have been no official statements from Intel, our security team has been actively reviewing available information and planning for the necessary next steps. Our engineers have also been testing available kernel patches to ensure necessary upgrades proceed smoothly.
Current facts outline a vulnerability that likely affects a wide range of Intel processors. The patch to mitigate this issue will also likely require a one-time reboot of your instances. While reboots may cause a few minutes of downtime during the restart window, this will be a necessary step to ensure that your compute environment remains secure.
Note: This is an actively developing story and more details will become available in the coming days. Our team is actively monitoring this issue and we will update this article with any developments that directly impact your Vultr.com infrastructure.
– Intel has released a statement on the issue. A link can be found in the additional resources section below. Additionally, we are working closely with our Northeast Intel Representatives to gather additional information and resources directly from their Cloud Service Provider (CSP) team.
– The details of the security vulnerabilities have been disclosed early in CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. Our engineers have already applied updates to our infrastructure to ensure the security of our platform. The original date of the coordinated disclosure was scheduled for January 9th and information from hardware manufacturers is still currently incomplete. We are continuing to closely monitor the issue and will provide additional updates as necessary.