In the next few minutes we will be rebooting all of our nodes to patch some severe exploits that were recently announced. The exploits, known as Meltdown and Spectre, impact nearly every server built since 1995 and a reboot is required to patch the kernel. Normally we utilize KernelCare to maintain kernel security patches without requiring a reboot, but at this time the KernelCare developers have not released a patch for these exploits and even if they do they are not completely sure it won't still require a reboot due to the complexity of the patches.

If you would like to read more about these exploits you may do so at the following links:
https://spectreattack.com/
https://access.redhat.com/security/vulnerabilities/speculativeexecution

If you'd like to see KernelCare's response to these exploits to give you some idea of the time and effort involved in patching such complex issues you may do so here: https://www.cloudlinux.com/cloudlinux-os-blog/entry/intel-cpu-bug-kernelcare-and-cloudlinux

We will be providing updates via Twitter during these reboots in the event we run into any issues with patching. We apologize for the inconvenience this may have caused you but we're opting not to wait for KernelCare to release a fix in order to ensure the best security for our clients and your data.

COMPLETED - All servers and VPSs were reporting back online as of 10:01AM EST. The majority of the nodes only experienced a 2 minute outage with 3 of them requiring more than one reboot. fl2ovz02 required manually intervention but after pulling one of the hard drives used for local backups it booted up normally.

-The Secure Dragon Team


Duminică, Ianuarie 7, 2018





« înapoi