Securing Bluekiri customers from CPU vulnerability
An industry-wide, hardware-based security vulnerability was disclosed yesterday. Keeping customers secure is always our top priority and we are taking active steps to ensure that no Bluekiri customer is exposed to these vulnerabilities. At the time of this blog post, Bluekiri has not received any information to indicate that these vulnerabilities have been used to attack Bluekiri Enterprise Cloud customers.
The majority of Bluekiri infrastructure has already been updated to address this vulnerability. Some aspects of Bluekiri Enterprise Cloud are still being updated and require a reboot of customer VMs for the security update to take effect.
With the public disclosure of the security vulnerability yesterday, we are accelerating the planned maintenance timing and will begin automatically rebooting the remaining impacted VMs starting at 14:00 CEST on January 4, 2018. The self-service maintenance window that was available for some customers has now ended, in order to begin this accelerated update.
During this update, we will maintain our SLA commitments of Availability and Cloud Services. This reduces impact to availability and only reboots a subset of your VMs at any given time. This ensures that any solution that follows Bluekiri Enterprise Cloud’s high availability guidance remains available to your customers and users.
The majority of Bluekiri customers should not see a noticeable performance impact with this update. We’ve worked to optimize the CPU and disk I/O path and are not seeing noticeable performance impact after the fix has been applied. We will continue to monitor performance closely and address customer feedback.
This Bluekiri infrastructure update addresses the disclosed vulnerability at the hypervisor level and does not require an update to your Windows or Linux VM images. However, as always, you should continue to apply security best practices for your VM images.
