There are days when even a “halfway” adult man sits there and is as nervous as a small child before saying poems at school… One of these days was July 1st this year – after I received the Microsoft MVP award for the first time in October 2015, then still for System Center Cloud and…
Microsoft Azure – planned Maintenance for CPU vulnerability
PU, wow…this year kicks off busy…just with a restart of all Azure VMs…but let’s have a look into this
Maybe you have heard of the new vulnerability disclosed on January 3rd in several Media. The vulnerability is referred to as “speculative execution side-channel attacks” and affects modern processors from Intel, AMD and ARM. The issue can only be fixed on the OS side and all Vendors and platforms are affected.
So, this means also the servers running Microsoft Azure are affected. Microsoft has already deployed mitigations across the majority of their cloud services and is accelerating efforts to complete the remainder. But some customer VMs need to be rebooted to finally get the infrastructure secure.
Starting on January 3rd Microsoft accelerated reboots of customer VMs with Planned Maintenance. All customers had been informed by mail and in the Azure Portal. Also the VMs view, now shows a maintenance status. To figure out if and when your Vms are affected have a look into Azure Service Health – Planned Maintenance
Here you can see if your servers are already updated:
Azure Blog – Securing Azure customers from CPU vulnerability
Security TechCenter – ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities