Foreshadow: What you need to know about the IaaS vulnerability

Intel recently raised awareness of several new vulnerabilities that affect its hardware processors. The vulnerabilities, known as L1 Terminal Fault, or "Foreshadow", enable malicious users to obtain sensitive information from a processor's cache that should normally be secured and unaccessible.

The Foreshadow series of vulnerabilities is particularly dangerous in Infrastructure as a Service (IaaS) cloud environments, given the multi-tenant and shared-hardware nature of IaaS.

Once Foreshadow was announced, Cybera organized, scheduled, and executed a plan to secure our clouds. At this time, users of our IaaS environments are not vulnerable to Foreshadow.

Because our cloud environments provide users with fast and easy access to new technologies and services, ensuring they are secure is a priority of ours!

If you run virtual infrastructure on any other public cloud, we recommend contacting them for specific instructions on how to mitigate against Foreshadow. Below are links to the advisories published by the three major cloud providers: