IBM Cloud Takes Action to Address Latest Security Vulnerabilities

Share this post:

Potential security vulnerabilities made public on August 14, 2018, have the potential to allow those with malicious intent to gather sensitive data from computing devices and, therefore, must be addressed. Although there has yet to be a known exploit, IBM Cloud takes all threats seriously and is taking precautionary measures on behalf of our clients.

Next steps: cloud host reboots

IBM Cloud will apply patches to VSI cloud hosts worldwide in the coming days to mitigate the risk to our virtual server clients. We are not able to mitigate this potential vulnerability via hot patching, thus cloud host reboots are the best approach to mitigating the threat to our VSI platform. We are working to develop our maintenance schedule, taking into account our clients’ workloads, and will publish once completed. We will work to provide, at minimum, a seven-day advance notice so clients can prepare for the maintenance.

IBM Cloud already sent an Event Notification to all affected clients with active VSIs detailing the overall maintenance schedule. We understand clients may have numerous devices throughout IBM Cloud Infrastructure, and we’ll also send maintenance notifications with more precise details. These maintenance tickets will identify the affected VSIs and detail the start and end time of their maintenance window. Additionally, clients will receive a two-hour reminder update before the maintenance event takes place, a ticket when the maintenance begins, and a final ticket when the maintenance for the identified VSIs are completed.

Recommended customer action

While we do not anticipate any problems with the reboots, all clients should back up all data from their virtual server instances.

Learn more EVault Backup solutions on IBM Cloud Virtual Servers

Again, although there has yet to be a known exploit – IBM Cloud takes all threats seriously and is taking precautionary measures on behalf of our clients.

Director, IBM Cloud Platform, Compute Offering Management

More Security stories
April 25, 2019

What is Object Storage?

In our latest lightboarding video, Anirup Dutta explains how object storage works, lists some of the benefits, and give you some use cases for when object storage may be your best option.

Continue reading

April 24, 2019

How To Use IBM Cloud Object Storage with Veeam

As you may have heard, Veeam 9.5u4 now includes an integration with IBM Cloud Object Storage. This integration can result in up to 10x savings on long-term data retention and an overall reduction in IT and primary storage costs.

Continue reading

April 19, 2019

Introducing IBM Cloud Object Storage Firewall: Further Secure Your Data

IBM Cloud Object Storage (COS) is giving you more control over who can access your data. We have introduced a new capability allowing you to configure your buckets with trusted IP address(es) that will dictate access to the data in COS.

Continue reading