Scheduled Maintenance (Security Patch) - January 6, 2018

 

The Allocadia service will undergo system maintenance for a critical security patch as outlined below on Saturday, January 6, 2018 from 16:00-18:00 PT. For a few minutes during this time, Allocadia will not be available. We apologize for the inconvenience. 

A number of significant vulnerabilities present in processor chips manufactured by Intel has recently been disclosed. These vulnerabilities are technically known as CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754; and more popularly as "Meltdown" and "Spectre."

Allocadia has conducted an extensive risk assessment to determine the potential for these vulnerabilities to be exploited and is actively working, in conjunction with our technology suppliers, to mitigate these risks as quickly as practical. The primary exposure vector for Allocadia was related to our production infrastructure which runs within Amazon Web Services. AWS has confirmed (https://aws.amazon.com/security/security-bulletins/AWS-2018-013/) that as of Jan 4th, 2018, "All instances across the Amazon EC2 fleet are protected from all known threat vectors from the CVEs previously listed."

As Allocadia continues to work towards the full remediation of the supply chain and the validation of trust at each point in the chain, we will issue relevant updates to our customers.

Please contact Support with any questions or concerns.

Was this article helpful?

Comments

0 comments

Please sign in to leave a comment.