Amazon Web Services, Microsoft, Google, and other cloud providers are informing customers that they may face downtime and performance degradation as the result of a rushed effort to patch critical bugs present in many computer processors.
The bugs, known as Spectre and Meltdown, were revealed today following a report from The Register. They’re caused by issues in microprocessor design that could potentially allow malicious code to read the contents of a computer’s kernel memory. These issues notably affect the Intel chips that power the overwhelming majority of cloud servers currently running, but other processors — including some designed by AMD and Arm — seem to be affected.
Those big three cloud providers revealed to users that some of them had been cryptically told about required scheduled downtime late last year as part of early efforts to deploy patches to counteract the bug. Those efforts, which were initially quiet and gradual, have now accelerated following the official disclosure of the bugs earlier today.
AWS said in a a statement that the overwhelming majority of virtual machine instances running in its fleet are protected, with the rest getting updates within hours of that notice. Google has already updated its G Suite productivity service and its cloud platform to protect users. Microsoft said that the majority of its Azure infrastructure has been updated to protect against the vulnerabilities but that some customers will still need to undergo downtime in order to gain protection.
But having platform owners update the underlying infrastructure that their customers’ workloads run on top of is only half the battle: Users will have to update their operating systems, as well. Microsoft is expected to release patches for Windows as part of its next Patch Tuesday cycle, while other operating systems are pushing out fixes.
Customers may see some slowdowns with their workloads since the root cause of the issue has to do with speculative execution, which is a technique used by processors to improve performance. Microsoft’s blog post said that the majority of its customers shouldn’t see a noticeable performance impact from the updates deployed to mitigate the bugs, but some will see degraded network performance.