Update on Spectre and Meltdown Vulnerabilities

mLab is aware of CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754 (aka, Meltdown and Spectre).

Our infrastructure service providers have worked for the past month to update systems globally. It is our understanding that this work has been completed, although we are working with our providers to stay updated on whether further maintenances will required.

Our engineering team continues to evaluate the stability, security, and performance impact of the released patches, and will apply additional patches and mitigating controls as available and necessary. At this time, we are unaware of any critical security risks to mLab users and their data.  

We have begun assessing the performance impact of the most recent patches. We can confirm we have seen instances of increased System CPU time and performance degradation on database deployments, but the magnitude of the impact has varied. In some cases the magnitude has been small (1% - 2%) where in other cases been closer to 10%. The impact appears to be very workload dependent.

Please contact support@mlab.com if you have questions or concerns.