This week’s news about a widespread vulnerability in the PC processor has prompted cloud providers to issue assurances for their customers.
The Register reported the flaw late Tuesday night. It exploits a modern processor’s design in order to allow hackers to access a computer’s core memory. This flaw can be used on personal computers as well as shared hardware such public cloud servers.
Initial reports blamed the vulnerability on Intel processors. Google and other researchers have found that the flaw is present on most modern processors, including those made by AMD and ARM.
Following the news, the top cloud providers Amazon Web Services (AWS), Google, and Microsoft Azure issued statements Wednesday afternoon that detailed the steps they took to protect their cloud environments as well as customers.
Each vendor stated that they knew about the vulnerability before Tuesday’s disclosure and that they have been strengthening their computing environments accordingly. AWS stated in its statement that the flaw exists for more than 20 years and that only a small percentage of Amazon EC2 instances were unprotected prior to Wednesday.
AWS stated that the remaining ones would be completed within the next few hours. They will also receive maintenance notifications.
Microsoft, on its part, stated in a statement that it had already secured “the majority of [its] Azure infrastructure against the flaw.” Microsoft recently performed a system reboot, which should have protected most Azure customer environments.
“Some Azure features are still being updated. Customers will need to reboot their VMs in order for the security update effect. Microsoft stated that many of you have been notified in recent weeks about a planned maintenance on Azure. You have already rebooted your VMs in order to apply the fix and that no further action is required.
Google stated that its entire Google Cloud Platform was “already updated to prevent all known vulnerabilities.”
The providers pointed out that customers still need their own operating systems to ensure top to bottom protection.
