Today, Intel released a statement regarding Microarchitectural Data Sampling (MDS) – also referred to as ZombieLoad – a significant security vulnerability that affects cloud providers with multi-tenant environments, including DigitalOcean. Left unmitigated, this vulnerability could allow sophisticated attackers to gain access to sensitive data, secrets, and credentials that could allow for privilege escalation and unauthorized access to user data.
We have been working closely with Intel to understand the impact of these vulnerabilities and the best courses of action to protect our platform and our users. We have received updated microcode from Intel and developed a set of kernel updates to mitigate the vulnerability, and we are rapidly rolling out these mitigations with no downtime to our users.
We also recommend taking steps to ensure your Droplet is up to date and secure. This is especially important if you are running multi-tenant applications or untrusted code inside your Droplet.
In addition to sharing this blog post, we’re reaching out to all users via email. We’ll continue to post informational updates here, and we will reach out directly to users should any additional action be required.
The security of our platform and our users’ data is our top priority, and we’re taking every measure to ensure our customers remain secure. For more information about MDS, you can read Intel’s initial statement.
1 Like
this is part of why Sandstorm exists!