In response to Intel’s statement today regarding new vulnerabilities, we wanted to share all the information we have to date with our customers and community.
Current information does not suggest that this latest vulnerability, Variant 4, would allow Droplets to gain access to the host hypervisor, or access to other Droplets. We also do not believe that we will need to reboot our entire fleet of hypervisors, as was necessary to mitigate impact from the initial Spectre and Meltdown vulnerabilities. However, there is a remote potential for exploit and we are working with Intel to validate microcode to patch for the vulnerabilities. We are accelerating the fix, but applying these updates takes coordination and time.
Our security and engineering teams are monitoring our hypervisors and following this issue closely. We remain in communication with our contacts at Intel regarding any new developments. The security of our users’ data is one of our highest priorities, and we are ready to take action if and when appropriate. At this time, we strongly recommend ensuring that you have the latest packages from your distributions, and you use the latest browser versions with fixes for Variant 4.
We will update this blog as more information becomes available. In addition to posting here, we will notify customers directly if there is a need to take action.
Optimize your streaming business
Download our guide to learn how streaming businesses can optimize their architecture to save costs.
Download nowRelated Articles
Fine-grained RBAC for GitHub Action workflows With GitHub OIDC and HashiCorp Vault
February 9, 2023•3 min read
Enabling engineering teams through developer-first secrets management
January 26, 2023•3 min read
Company
Products
Community
Solutions
Contact
© 2023 DigitalOcean, LLC. All rights reserved.
