Security advisories

Vulnerability in modern processors

9 janvier 2018

Summary


On Wednesday, January 3rd, research was published on a class of security vulnerabilities affecting specific processors. These vulnerabilities could allow a user who can execute code on a system to gain unauthorized access to information across security boundaries.


Fastly has completed initial analysis of these vulnerabilities and does not believe they pose an immediate threat to Fastly customers.


Impact


Based on an initial review, we do not believe these disclosures expose Fastly customers to an immediate threat, including through use of the Varnish Configuration Language (VCL).


We are continuing to investigate how these disclosures may affect both Fastly products and technologies we use. We will design and deploy mitigations where required to improve the security of our network and customer traffic.


Fix / Workarounds


Customers do not need to take any action in response to this vulnerability.


The Fastly engineering teams have assessed the impact of this vulnerability, and found no immediate impact on the security of the Fastly network.


As usual with software vulnerabilities, certain machines will need to receive software updates to deploy the mitigations provided by our operating system and software vendors. We do not expect customer-visible impact as these updates are deployed.


More information


You can learn more about this vulnerability here.

Subscribe to security advisories.

By creating an account you agree to the Terms of Service and acknowledge our Privacy Policy.

Ready to get started?

Get in touch or create an account.