• Blog
  • Docs
  • Careers
  • Get Support
  • Contact Sales
DigitalOcean
  • Featured AI Products

    Compute

    Build, deploy, and scale cloud compute resources

    Containers and Images

    Safely store and manage containers and backups

    Managed Databases

    Fully managed resources running popular database engines

    Management and Dev Tools

    Control infrastructure and gather insights

    Networking

    Secure and control traffic to apps

    Security

    Help protect your account and resources with these security features

    Storage

    Store and access any amount of data reliably in the cloud

    Browse all products

  • AI/ML

    CMS

    Data and IoT

    Developer Tools

    Gaming and Media

    Hosting

    Security and Networking

    Startups and SMBs

    Web and App Platforms

    See all solutions

  • Community

    Documentation

    Developer Tools

    Get Involved

    Utilities and Help

  • Become a Partner

    Marketplace

  • Pricing
  • Log in
  • Sign up
  • Log in
  • Sign up

Company

  • About
  • Leadership
  • Blog
  • Careers
  • Customers
  • Partners
  • Referral Program
  • Affiliate Program
  • Press
  • Legal
  • Privacy Policy
  • Security
  • Investor Relations

Products

  • GPU Droplets
  • Bare Metal GPUs
  • Inference Engine
  • Data & Learning
  • Evaluations
  • Model Library
  • Droplets
  • Kubernetes
  • Functions
  • App Platform
  • Load Balancers
  • Managed Databases
  • Spaces
  • Block Storage
  • Network File Storage
  • API
  • Uptime
  • Cloud Security Posture Management (CSPM)
  • Identity and Access Management (IAM)
  • Cloudways
  • View all Products

Resources

  • Community Tutorials
  • Community Q&A
  • CSS-Tricks
  • Write for DOnations
  • Currents Research
  • DigitalOcean Startups
  • Wavemakers Program
  • Compass Council
  • Open Source
  • Newsletter Signup
  • Marketplace
  • Pricing
  • Pricing Calculator
  • Documentation
  • Release Notes
  • Code of Conduct
  • Shop Swag

Solutions

  • AI Training GPU
  • GPU Inference
  • VPS Hosting
  • Website Hosting
  • VPN
  • Docker Hosting
  • Node.js Hosting
  • Web Mobile Apps
  • WordPress Hosting
  • Virtual Machines
  • View all Solutions

Contact

  • Support
  • Sales
  • Report Abuse
  • System Status
  • Share your ideas

Company

  • About
  • Leadership
  • Blog
  • Careers
  • Customers
  • Partners
  • Referral Program
  • Affiliate Program
  • Press
  • Legal
  • Privacy Policy
  • Security
  • Investor Relations

Products

  • GPU Droplets
  • Bare Metal GPUs
  • Inference Engine
  • Data & Learning
  • Evaluations
  • Model Library
  • Droplets
  • Kubernetes
  • Functions
  • App Platform
  • Load Balancers
  • Managed Databases
  • Spaces
  • Block Storage
  • Network File Storage
  • API
  • Uptime
  • Cloud Security Posture Management (CSPM)
  • Identity and Access Management (IAM)
  • Cloudways
  • View all Products

Resources

  • Community Tutorials
  • Community Q&A
  • CSS-Tricks
  • Write for DOnations
  • Currents Research
  • DigitalOcean Startups
  • Wavemakers Program
  • Compass Council
  • Open Source
  • Newsletter Signup
  • Marketplace
  • Pricing
  • Pricing Calculator
  • Documentation
  • Release Notes
  • Code of Conduct
  • Shop Swag

Solutions

  • AI Training GPU
  • GPU Inference
  • VPS Hosting
  • Website Hosting
  • VPN
  • Docker Hosting
  • Node.js Hosting
  • Web Mobile Apps
  • WordPress Hosting
  • Virtual Machines
  • View all Solutions

Contact

  • Support
  • Sales
  • Report Abuse
  • System Status
  • Share your ideas
© 2026 DigitalOcean, LLC.Sitemap.
Trust & Security

A Message about Intel’s L1TF Security Vulnerability

author

By Josh Feinblum

  • Published: August 14, 2018
  • 2 min read
<- Back to blog home

UPDATE (9/17/2018):

Over the past several weeks, we’ve been deploying initial mitigations across our platform. These efforts address key concerns posed by the L1TF vulnerability, and future related issues that may arise. Today, we’re pleased to share that we’ve finished this first phase of mitigations. We are continuing to work with Intel to ensure our customers are protected against L1TF and we are also proceeding with a longer-tail mitigation response aimed at reducing our reliance on hardware to keep both Droplets and data protected.

There is currently no action required from our users to protect their Droplets from the L1TF vulnerability. We will continue to share updates here, and will reach out to you directly if we believe there may be any impact to your account, or should you need to take any action.

Original post:

Today, Intel released a statement regarding L1 Terminal Fault (L1TF), a severe security vulnerability that affects many multi-tenant environments running virtual machines, including DigitalOcean. This vulnerability exposes data to any guest running on the same processor core.

In DigitalOcean’s environment, this means an attacker could theoretically use one Droplet to view another Droplet’s memory. However, they should have no ability to target a specific Droplet or user.

The security implications of this vulnerability are significant and require us to move rapidly to ensure our platform remains protected. In the wake of previous vulnerabilities, Intel has improved their communications flow with us and shared more information sooner, which enabled us to start our mitigation efforts yesterday. However, due to the condensed timeline, unforeseen issues may arise during these efforts. We will continue to work with Intel to enhance their multi-party vulnerability disclosure process so we can improve our agility and efficiency in the future, and better address these types of issues.

Remediation efforts will be completed within a few weeks, and during this time we will take all possible steps to ensure customer Droplets and data remain safe. We do not anticipate any downtime for our users as a result of our mitigation efforts.

We are closely monitoring this situation, and we will update this blog post as more information becomes available. We will notify customers directly should there be any action required of them, or any action taken that may impact their DigitalOcean account.

You can read Intel’s initial statement here.

Josh Feinblum leads security and compliance for DigitalOcean and serves as Chief Security Officer. Prior to DigitalOcean, he was the head of security at Rapid7 and started several security programs across hyper-growth, technology-oriented healthcare companies. He is deeply involved in the security community and has more than 14 years of experience managing security teams, overseeing major clients at large managed service providers, and starting privacy and security related programs across commercial and federal financial service firms.

About the author

Josh Feinblum
Josh Feinblum
Author

Share

  • Trust Security
  • News

Start building today

From GPU-powered inference and Kubernetes to managed databases and storage, get everything you need to build, scale, and deploy intelligent applications.
Sign up

Related Articles

Enhancing Security with User-Specific Access Keys for DigitalOcean Functions
Product updates

Enhancing Security with User-Specific Access Keys for DigitalOcean Functions

Amulya Tomer
  • March 23, 2026
  • 5 min read

Read more

Technical Deep Dive: How DigitalOcean and AMD Delivered a 2x Production Inference Performance Increase for Character.ai
Engineering

Technical Deep Dive: How DigitalOcean and AMD Delivered a 2x Production Inference Performance Increase for Character.ai

Piyush Srivastava
  • January 13, 2026
  • 13 min read

Read more

OAuth App Based Workload Identity for Droplets
Trust & Security

OAuth App Based Workload Identity for Droplets

John Andersen
  • October 22, 2025
  • 8 min read

Read more