Important note about new Spectre NG vulnerabilities

Dear Cloud Riders,

A few hours ago, we became aware of a potential security vulnerability impacting x86 processors. According to borncity, it seems that eight new Intel CPU vulnerabilities have been discovered, four of them appear to be of severity "high".

Preliminary information seem to indicate this is serious.

We are currently trying to get more details about this potential security issues.

We are carefully monitoring the situation and we will keep you updated on this post.

Additional information:

Update #1 - 05/07/18 4pm UTC

We re-activated the response communication platform created earlier this year to share information with other cloud providers during the Spectre and Meltdown outbreak.

Update #2 - 05/22/18 8:38am UTC

Yesterday at 2pm PDT, a new side channel vulnerability has been disclosed Speculative Store Bypass (CVE-2018-3639, CVE-2018-3640). This issue affects Intel products and those of other CPU vendors.

Microcodes or patches in the kernel may be required to completely fix the issue. Currently, a microcode updates are not available for all platforms.

On Dedibox side, we will provide microcode updates as soon as vendors ship them

At Scaleway, we're analyzing the impact of this vulnerability that doesn't seem to allow crossing of virtual machines boundaries from our first results.

On the Online Web Hosting platform, we expect to have to patch the servers and reboot them.

For more information regarding these vulnerability, checkout the following links

Author image

Edouard Bonlieu

Strategy and marketing at Online.net & Scaleway