As you are aware security vulnerabilities have been identified in Intel processors. Urban Airship has been analyzing the possible impact of the recently announced security flaw on our infrastructure. We have also been in contact with our infrastructure providers regarding their remediation activities.
Our service is delivered in a mixed private / public cloud environment. Google Cloud Platform (GCP) has addressed the vulnerability already. Urban Airship's architecture within the Google Cloud Platform mitigates any further vulnerabilities. Amazon Web Services (AWS) is currently upgrading their infrastructure and we are actively monitoring their progress. We have experienced one minor performance issue as a result of these changes and have taken steps to improve performance. We will continue to monitor our systems closely during this process. Our co-located facility is a dedicated environment and all hardware is exclusive to Urban Airship.
Further information about Google’s remediation process can be found here.
iOS and Android devices, as well as browsers, are vulnerable to this security issue. Apple’s response is here with recommendations for mitigating issues with iOS, MacOS, and Safari: https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html.
Google has also provided a detailed write-up regarding Android devices: https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html.
Google Chrome browsers have support for mitigating the risks associated with these threats. If you use Chrome, it is recommended you turn on “Site Isolation” by following these steps.