Intel Chip Vulnerability Sends Cloud Providers Into Patching Overdrive

After news of a significant vulnerability in Intel's processors was disclosed this week, AWS, Microsoft and Google had work to do.

Scott Ferguson, Managing Editor, Light Reading

January 4, 2018


A significant security flaw in Intel's microprocessors sent all of the major public cloud providers into patching overdrive this week, even as many tried to play down the significance of this particular vulnerability.

Intel Corp. (Nasdaq: INTC), which is currently the world's second-largest provider of microprocessors, is a significant player in the data center and cloud markets, and the company's x86 CPU underpins the infrastructures of the hyperscale facilities that support various public cloud platforms. (See Hyperscale Data Centers Continued to Grow in 2017.)

In response, Amazon Web Services Inc., Microsoft Corp. (Nasdaq: MSFT) and Google (Nasdaq: GOOG) all sent out patching and security information to customers this week. While the flaw in the Intel chips cannot be fixed, the operating systems can be patched to prevent hackers from taking advantage of the vulnerability.

The flaw was first reported in a paper published by Graz University of Technology in Austria. Researchers found that by manipulating pre-executed commands within the chip, which help make data available faster, hackers can gain access to the content of the kernel memory.

Figure 1: Flawed (Source: Axonite via Pixabay)

This, in turn, can allow the hacker to gain access to encryption keys and other authentication details of whatever system the CPU is running in.

On Security Now, Curtis Franklin has a complete rundown of how the flaw works and the security implications. (See New Intel Vulnerability Hits Almost Everyone.)

Microsoft has the most at stake in this patching scramble.

Not only is the company's Azure platform the second-largest public cloud platform in the world, the company's Windows operating system is closely coupled with the x86 chip architecture and runs in a significant number of global data centers.

However, to be fair, Linux operating systems need patching as well.

In a January 3 blog post, Microsoft noted that it is aware of the flaw and that once customers reboot their virtual machines (VMs), it would apply the patch. However, Redmond noted that it planned to accelerate its patching schedule this week to address the security issue.

"The majority of Azure infrastructure has already been updated to address this vulnerability," according to Wednesday's post. "Some aspects of Azure are still being updated and require a reboot of customer VMs for the security update to take effect. Many of you have received notification in recent weeks of a planned maintenance on Azure and have already rebooted your VMs to apply the fix, and no further action by you is required."

AWS, the world's largest public cloud provider, noted in its own post that this type of CPU flaw has been known for about 20 years and can affect AMD and ARM chips, as well as Intel processors. However, Amazon noted that a small percentage of its EC2 fleet was being patched to address the issue late Wednesday.

Amazon also noted that it is patching its own version of Linux and warning customers to look out for updates to Windows.


In its own lengthy post, Google noted that some of the problems with the Intel vulnerability, specifically the flaw with "speculative execution" that helps optimize CPU performance, had been disclosed by its own Project Zero team in 2017.

The search giant also pushed up notification from January 9 to address the security issues that had been made public. A full Project Zero report on the flaw is also in the works.

"As soon as we learned of this new class of attack, our security and product development teams mobilized to defend Google's systems and our users' data. We have updated our systems and affected products to protect against this new type of attack," according to the post.

In addition to its own products and services, Google noted that some customer action might be needed to address concerns with its Google Compute Engine, Kubernetes Engine, Cloud Dataflow and Cloud Dataproc.


— Scott Ferguson, Editor, Enterprise Cloud News. Follow him on Twitter @sferguson_LR.

About the Author

Scott Ferguson

Managing Editor, Light Reading

Prior to joining Enterprise Cloud News, he was director of audience development for InformationWeek, where he oversaw the publications' newsletters, editorial content, email and content marketing initiatives. Before that, he served as editor-in-chief of eWEEK, overseeing both the website and the print edition of the magazine. For more than a decade, Scott has covered the IT enterprise industry with a focus on cloud computing, datacenter technologies, virtualization, IoT and microprocessors, as well as PCs and mobile. Before covering tech, he was a staff writer at the Asbury Park Press and the Herald News, both located in New Jersey. Scott has degrees in journalism and history from William Paterson University, and is based in Greater New York.
