Featured Products
Gradient™ AI Agentic Inference Cloud
Build, train, deploy apps/agents and scale at will
Compute
Build, deploy, and scale cloud compute resources
Containers and Images
Safely store and manage containers and backups
Managed Databases
Fully managed resources running popular database engines
Management and Dev Tools
Control infrastructure and gather insights
Networking
Secure and control traffic to apps
Security
Store and access any amount of data reliably in the cloud
Storage
Store and access any amount of data reliably in the cloud
Browse all products
AI/ML
CMS
Data and IoT
Developer Tools
Gaming and Media
GPU
Hosting
Security and Networking
Startups and SMBs
Web and App Platforms
See all solutions
Community
Documentation
Developer Tools
Get Involved
Utilities and Help
Become a Partner
Marketplace
Pricing

A Message About Intel’s Microarchitectural Data Sampling (MDS) Vulnerability

By DigitalOcean

Published: May 14, 2019
2 min read

Update: June 6, 2019

Today, we’re happy to share that we have completed Microarchitectural Data Sampling (MDS) mitigations across our fleet. While we applied microcode to mitigate the potential impact of the vulnerability to a majority of our platform several weeks ago, we were awaiting a microcode to apply to a small percentage of servers. Earlier this week, we received the updated microcode from Intel and our team has been working to update the microcode as quickly as possible, and completed those efforts today.

MDS vulnerability mitigations have been deployed across our entire platform, but we do strongly recommend that all users take steps to ensure your Droplets are up to date and secure, if you have not done so already. If you have already updated your Droplets, no additional action is required.

Original Post: May 14, 2019

Today, Intel released a statement regarding Microarchitectural Data Sampling (MDS) – also referred to as ZombieLoad – a significant security vulnerability that affects cloud providers with multi-tenant environments, including DigitalOcean. Left unmitigated, this vulnerability could allow sophisticated attackers to gain access to sensitive data, secrets, and credentials that could allow for privilege escalation and unauthorized access to user data.

We have been working closely with Intel to understand the impact of these vulnerabilities and the best courses of action to protect our platform and our users. We have received updated microcode from Intel and developed a set of kernel updates to mitigate the vulnerability, and we are rapidly rolling out these mitigations with no downtime to our users.

We also recommend taking steps to ensure your Droplet is up to date and secure. This is especially important if you are running multi-tenant applications or untrusted code inside your Droplet.

In addition to sharing this blog post, we’re reaching out to all users via email. We’ll continue to post informational updates here, and we will reach out directly to users should any additional action be required.

The security of our platform and our users’ data is our top priority, and we’re taking every measure to ensure our customers remain secure. For more information about MDS, you can read Intel’s initial statement.

About the author

DigitalOcean

Author

Start building today

From GPU-powered inference and Kubernetes to managed databases and storage, get everything you need to build, scale, and deploy intelligent applications.