Article Security January 4, 2018

CPU Security Issue Fixed More Easily in the Cloud

By now you’ve probably heard about the decades-old flaw in Intel, AMD and ARM CPUs that could expose the contents of private memory to a dedicated hacker. The flaw was actually detected in late 2017, by Google Project Zero, who alerted computing and operating system vendors, like Red Hat, but also cloud platforms like Microsoft, AWS and of course, Google Cloud, of the vulnerability. They quickly developed patches for the issue. While the update was scheduled for January 9th, press reports and discussions in the security community led them to accelerate that to yesterday, January 3rd.

In fact, you may have received an email from your cloud provider notifying you of this important update. Amazon posted details here, Microsoft did the same, as did Google.


Whether you operate in the cloud, on-premise, or both, this effects you. But for servers in the cloud, such fixes can go a little more smoothly than if you had to patch running systems in your data center. As mentioned above, all of the major cloud platforms have already patched the issue for new instances, and provided instructions for updating existing instances. The cloud approach makes it easy to avoid downtime as new, corrected instances can spin up to handle the load while old instances are retired. Containers and hypervisors can further ensure uptime thanks to virtualization.

There will likely be more security flaws discovered in the future… that’s the nature of technology. But cloud users, knowing that the full force of AWS, Microsoft and others are there to detect, fix, and deploy updates, literally overnight (AWS rolled out their fix at 10:45pm June 3rd) should be able to sleep better!

Todd Bernhard
Todd Bernhard is a Product Marketing Manager at CloudCheckr and AWS Certified Cloud Practitioner. He has been administering, teaching and developing on Unix systems since 1984 including 16 years at Sun Microsystems, now part of Oracle. In 2010, Todd founded the award-winning app development firm This photo is the last known image of him wearing a tie!
Subscribe to our Blog
Sign up now to get more great content.
Learn how CloudCheckr can help you optimize and automate your cloud.