Two major security vulnerabilities have been discovered that affect virtually all CPUs released in the last 20 years:
These allow attackers to read any memory on your computer — potentially even from JavaScript code executing in your browser!
Securing all the different attack vectors will likely take multiple patches. AWS has announced that it has patched just about all physical EC2 Instances on its end already. However, we strongly recommend that you also patch the OS running in your VMs, Docker containers, and personal computers ASAP.
For example, for servers, run yum update kernel or apt-get upgrade in your Packer or Docker builds and roll out the new images to all your servers. For personal computers, install the latest Windows and OS X updates. More patches will likely be released in the near future, so keep your eyes open and be ready to update.
We sent an email about this vulnerability to the security alerts mailing list on January 4, 2018.