UPDATED 08.15.18: Speculative Execution Vulnerabilities
Aug 15, 2018
Updated Aug. 15, 2018 07:30 CST
On August 14, 2018, details about a series of speculative execution side-channel vulnerabilities, L1 Terminal Fault (L1TF) or Foreshadow, were released.
We are continuing to work in collaboration with our vendors and partners. If we need to take action that would impact customers, we will provide additional guidance directly to the customers involved.
Updated Aug. 9, 2018 15:05 CST
Rackspace is aware of a new exploit related to the Spectre vulnerabilities identified this year. This exploit has been labeled as NetSpectre.
In order to execute an attack, a user would need to generate large amounts of traffic to a specified server which would then gather a single bit of data. This would need to be completed repeatedly in one bit increments to be successful. Additional details can be found in CVE-2017-5753.
Rackspace recommends updating to current firmware/microcode versions to mitigate NetSpectre.
We continue to work in collaboration with our vendors and partners. Additional details will be provided as they are made available. If we need to take action that would impact customers, we will provide additional guidance directly to the customers involved.
Updated May 24, 2018 11:40 CST
On May 21, 2018, new variants for Spectre and Meltdown (side-channel processing unit hardware vulnerabilities) were disclosed; known as 3A and 4.
We are continuing to work in collaboration with our vendors and partners. Additional details will be provided as they are made available. If we need to take action that would impact customers, we will provide additional guidance directly to the customers involved.
Updated May 4, 2018 12:05 CST
Rackspace is aware of another set of vulnerabilities reported as "Spectre-NG." We are investigating in collaboration with our vendors and partners. We will provide additional updates as information becomes available.
Updated April 10, 2018 15:00 CST
Firmware/microcode updates related to the CPU speculative execution vulnerabilities have been released by vendors for a subset of dedicated server platforms.
Rackspace will perform testing according to our standard procedures for each firmware/microcode update as it becomes available. Additional steps may be required for full remediation of the guest OS following the application of the firmware/microcode update. As firmware/microcode updates become available for customer consumption, Rackspace will communicate directly to affected customers.
Additional information can be found on Rackspace's Firmware/Microcode Update page.
Updated Feb. 12, 2018 16:00 CST
Rackspace has taken significant steps towards applying the main Windows® registry key on cloud and dedicated servers. This key is required to install January and February 2018 Security rollup patches and future Microsoft Security patches. Additional details related to registry keys can be found on the Windows OS Mitigations page.
Rackspace will continue to communicate if action that would impact customers is required to remediate the CPU speculative execution vulnerabilities. To view the current status of our remediation efforts, visit the Rackspace Support Network.
Updated Jan. 24, 2018 15:35 CST
Rackspace continues to execute its mitigation and remediation strategy to address the CPU speculative execution vulnerabilities. We have multiple teams working with the utmost urgency to remediate these vulnerabilities. This a complex and evolving situation, as the guidance provided by numerous vendors regarding remediation efforts and patching continues to change.
Based on the level of threat, we firmly believe the best course forward is to continue working with our vendors as they develop stable and proven patches and applying them in the least impactful manner possible.
If we need to take action that would impact customers, we will provide additional guidance directly to the customers involved. To view the current status of our remediation efforts, visit Rackspace Support Network.
Updated Jan. 11, 2018 14:45 CST
Rackspace continues work to mitigate and remediate the three vulnerabilities discovered Jan. 3.
As we have noted, we are engaged in a full-scale response. We continue to communicate directly with customers if we need to take actions that would impact their environments.
While we can't currently offer a timeline when full mitigation and remediation will be complete, we will update this blog post when we have relevant new information to share. We understand this lack of information can be frustrating. However, we are providing updates on how mitigation efforts are affecting specific services on the Rackspace Support Network.
Please know we are treating this incident with the utmost urgency, working to ensure our customers' environments are protected in the least impactful manner possible.
Updated Jan. 10, 2018 09:45 CST
Updates on specific Rackspace services now available via the Rackspace Support Network.
Updated Jan. 5, 2018, 14:30 CST
On Jan. 3, 2018, Rackspace was made aware of a set of vulnerabilities affecting certain Intel, AMD and ARM processors.
We are addressing the issue as vendor patches are released and workarounds become available.
- "US-CERT is not aware of any active exploitation at this time." - Jan. 5, 2018 13:00 CST
- “At this stage there has been no evidence of any malicious exploitation..." - Jan. 5, 2018 13:00 CST
At Rackspace, we’re focused on ensuring our solutions best support our customers’ environments. We’re implementing a plan of action and proactively investigating solutions to remedy this issue.
While there is currently no single fix for the vulnerabilities, a number of vendors have released suggested mitigations and remediation(s). As these are released, we’ll assess, test, coordinate and deploy accordingly across our environment. We will communicate to affected customers if actions that would impact their environments are required.
This is a complex and evolving situation. Our first priority is to ensure our customers’ environments are protected, and we’ll do that in the least impactful manner possible.