Advisory: OrionVM Platform Not Affected by Xen Hypervisor Vulnerability – XSA-108

To address any customer concerns in regards to the recent, well publicized Xen vulnerability, we want to let you know that the OrionVM platform was not affected by this issue. The following bulletin was shared with OrionVM customers while the Xen hypervisor vulnerability (XSA-108) was under embargo this past week. The embargo was lifted October 1st.

As you may have heard companies (such as Rackspace, IBM and AWS) have already rebooted customer instances over the last week, proactively responding to the information of this potential security breach.

OrionVM was part of a limited set of vendors approved for pre-disclosure access and received details about the issue, which would have allowed us to patch our systems before the issue was made public by Xen.

The good news is that our platform was not affected by this issue, so no action was necessary.

We take customer security extremely seriously. Immediately upon learning the issue existed, our operations team worked diligently to bring extra compute online in anticipation of migrating customer instances to patched hypervisors, and also began testing an upgrade path. Given our preparation and quick action, an effective process was in place to handle the situation if a patch update had been required.

Now that the issue is no longer under embargo, we are now learning just how vulnerable customer data may have been with other cloud providers that were impacted by this issue. Per a recent article Olivier Lambert of the Xen Orchestra Project said the flaw could be used to read the memory of other guest virtual machines or crash them. Disgruntled users of other cloud providers forced to reboot their instances has led to a call for a set of industry patching best practices  to better handle these types of security updates in the future.

If you have any further questions or concerns, please do not hesitate to contact us by emailing support@orionvm.com