Summary: Earlier this week we were alerted about a vulnerability that could potentially allow a remote attacker to access privileged memory on servers, desktops etc. We have been working with our vendors in relation to this.
What is affected: All services are potentially affected. Every Linux and Windows release is currently vulnerable to these attacks.
Our plan:
Windows Infrastructure; This covers Linux Shared Hosting (as it’s virtualised on HyperV), Windows shared hosting, Hosted Exchange. We have installed the updates that are currently available for Microsoft on all platforms. Reboots need to be performed for it to take effect. We’ll do a separate post about this.
Linux Infrastructure; This covers our Cloud VMs, all MySQL servers on shared hosting (excluding a small number on HyperV), Dedicated Servers, the kernels inside customer VMs (we expect once the hypervisors are patched for the impact to be minimal).
– We’re awaiting vendor patches from:
* Redhat (RH6,7 mainstream kernels were released)
* CentOS – we expect them over the next few hours.
* CloudLinux – we expect them today but probably tonight Irish time into Friday morning.
* Virtuozzo – we expect them today / tomorrow for all kernels.
* Xen 4.4 – we are expecting release of an update 4.9 kernel today, 4.10 is being released at UTC 12:00 we believe.
Office Desktop infrastructure; All Windows PCs, Browsers, Macs and Linux PCs are either patched (if possible) or in the process of being patched. Where updates are not yet available they’ll be patched as soon as they become available.
With all of these we use KernelCare, a product from Cloudlinux, that can “hot patch” the kernel without reboot. If this looks like its going to be possible we will try to go down this route. Otherwise each server will need to be rebooted.
Once more information is available to us we’ll update this post. Additionally we will create separate posts with information about specific servers, services or customer groups.