Meltdown and Spectre Security Update

news , VP, PM - Platform Trust

UPDATE: Friday, January 5 19:07 PST

As of 13:30 PST, AWS completed their patch deployment addressing tenant isolation threats. AWS reports they have restored the expected multi-tenancy protections similar to dedicated hardware, which leaves Heroku to address the kernel vulnerabilities in runtime host operating systems.

Heroku Performance, Private, and Shield dynos feature varying degrees of isolation from potentially hostile neighbors. However, the shared Common Runtime carries our highest priority for Meltdown (variant 3) mitigation work due to the nature of its shared infrastructure.

The ideal fix is to deploy the updated kernel from Canonical prior to the release of functional...


Subscribe to the full-text RSS feed for Trey Ford.