AWS Security Maintenance: Meltdown & Spectre

Amazon is in the process of planning how to patch their remaining EC2 hosts to protect against Meltdown and Spectre. Official details are here:

https://aws.amazon.com/security/security-bulletins/AWS-2018-013/

We’ll probably receive a small number of maintenance notifications in the next few days. I’ll try to forward those onto account owners in a timely fashion. Since Amazon is trying to fully remediate as quickly as possible, we can expect substantially less lead time than Amazon provides for normal maintenance.

Amazon’s work should protect their hypervisors, disallowing use of the attacks to break out of a VM, but you’ll still need to update the OS inside your VM to protect at that level.

Comments are closed.