Intel recently released a statement about a group of processor vulnerabilities known as Microarchitectural Data Sampling (MDS), also being referred to as “ZombieLoad.” This is a significant security vulnerability that affects systems that host virtual machines. Without mitigation, sophisticated attackers could leverage this vulnerability to access sensitive data that may allow for privilege escalation and unauthorized access to user data.
At present, the vulnerabilities are conceptual and not widely demonstrated to be in use. However, we’ve started mitigation efforts and anticipate full mitigation of our infrastructure in the coming weeks. In most cases, services will be live patched and migrated without downtime or impact to you. Some customers may require downtime, and we will notify any customers who may be impacted by our mitigation efforts in advance. Customers can also view our planned maintenance schedule at status.netactuate.com.
We also recommend taking steps to ensure your virtual machine is up to date and secure, especially if you are running multi-tenant applications.
This type of vulnerability is one reason we build provider and architectural diversity into our global platform from the ground up. We provide our customers with infrastructure services (virtual machines, containers, bare metal, and even colocation) that include a combination of Intel, AMD, ARM, and other hardware at the edge in over 30 global locations. If you are unsure about your current deployment mix, and wish to build vendor and architectural diversity into your deployment, please contact us via our online form or by calling 1.800.419.2656.
The security of our platform has always been our top priority, and we’re taking every measure to ensure our customers remain secure. For more information about MDS, you can read Intel’s initial statement.