Rapid4Cloud patches computing products vulnerable to MDS/Zombieload attacks

Rapid4Cloud applied patches for MDS vulnerability

Rapid4Cloud is committed in ensuring that all of its customers data are secured from unauthorized access and other vulnerabilities.

Intel has recently disclosed a group of security flaws in their processors which they named Microarchitectural Data Sampling (MDS), also known as ZombieLoad. In their detailed report, Intel describes the flaws where “an attacker who can execute malicious code locally on an affected system can compromise the confidentiality of data previously handled on the same thread or compromise the confidentiality of data from other hyper-threads on the same processor as the thread where the malicious code executes.”

The three major operating systems developers have released patches that prevents the known vulnerabilities from being exploited.

Rapid4Cloud provides SaaS solutions for Oracle ERP Cloud and EBS and heavily relies on Oracle products and services which include operating systems, virtual machines and other technologies developed by Oracle.  Oracle has released security patches for its Operating systems and virtual machines which Rapid4Cloud security administrators have already applied on their instances.

For more information

Detailed description on Intel MDS vulnerabilities: https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html
Oracle OS and VM patches: https://blogs.oracle.com/security/intelmds
Rapid4Cloud Security Updates: https://www.rapid4cloud.com/tag/security/