I was very proud to be invited by the Windows Server Management Team to show and explain Project Honolulu during Microsoft Ignite in Orlando, FL. I was on the Server Management booth from Monday to Wednesday and it was amazing. There was so much interest in this new solution. So many questions and good ideas….
Microsoft Azure – planned Maintenance for CPU vulnerability
PU, wow…this year kicks off busy…just with a restart of all Azure VMs…but let’s have a look into this
Maybe you have heard of the new vulnerability disclosed on January 3rd in several Media. The vulnerability is referred to as “speculative execution side-channel attacks” and affects modern processors from Intel, AMD and ARM. The issue can only be fixed on the OS side and all Vendors and platforms are affected.
So, this means also the servers running Microsoft Azure are affected. Microsoft has already deployed mitigations across the majority of their cloud services and is accelerating efforts to complete the remainder. But some customer VMs need to be rebooted to finally get the infrastructure secure.
Starting on January 3rd Microsoft accelerated reboots of customer VMs with Planned Maintenance. All customers had been informed by mail and in the Azure Portal. Also the VMs view, now shows a maintenance status. To figure out if and when your Vms are affected have a look into Azure Service Health – Planned Maintenance
Here you can see if your servers are already updated:
Azure Blog – Securing Azure customers from CPU vulnerability
Security TechCenter – ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities