VENOM: We need to reboot all VMs

We are currently rolling out an updated version of Qemu which includes a bugfix for the VENOM vulnerability. To activate it, we have to reboot all VMs.

The reboots will be scheduled automatically during the next days during regular maintenance windows. Resource group owners will get notified in advance as usual. If any specific reboot schedule does not suit your needs, don’t hesitate to contact our Support and we will reschedule.

Please note that this is a safety precaution: the attack path is quite hard to go on our platform. Root privileges are required to perform the attack, but these are not handed out to anyone on managed machines.

This is a good time to check that all services are properly coming up during machine startup! Please refer to our user-init documentation to learn how to set this up properly.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s