According to an official post from Microsoft, Azure customers should not see any noticeable performance impacts from updates surrounding the Intel and AMD CPU vulnerability. Microsoft notes that keeping customers secure is their “number one top priority,” and at the time of their writing, there is also no information to indicate that the “vulnerabilities have impacted Azure customers.”
The concerns of performance issues comes after Intel mentioned that slowdowns from any processor-related security updates may be “workload-dependent.” Microsoft, though, assures Azure customers that majority of Azure infrastructure has already been updated to address this vulnerability.
The company explains that some areas of Azure are still being updated and require a reboot of customer VMs for the security update to take effect. Notification of this was sent out, and no further action is required by Azure customers.
The company expands a bit more in an official statement:
With the public disclosure of the security vulnerability today, we are accelerating the planned maintenance timing and will begin automatically rebooting the remaining impacted VMs starting at 3:30pm PST on January 3, 2018. The self-service maintenance window that was available for some customers has now ended, in order to begin this accelerated update.
During this update, we will maintain our SLA commitments of Availability Sets, VM Scale Sets, and Cloud Services. This reduces impact to availability and only reboots a subset of your VMs at any given time. This ensures that any solution that follows Azure’s high availability guidance remains available to your customers and users. Operating system and Data disks on your VM will be retained during this maintenance. You can see the status of your VMs and if the reboot completed within the Azure Service Health Planned Maintenance Section in your Azure Portal.
The majority of Azure customers should not see a noticeable performance impact with this update. We’ve worked to optimize the CPU and disk I/O path and are not seeing noticeable performance impact after the fix has been applied. A small set of customers may experience some networking performance impact. This can be addressed by turning on Azure Accelerated Networking (Windows, Linux), which is a free capability available to all Azure customers. We will continue to monitor performance closely and address customer feedback.
Microsoft also notes that Azure customers should always apply the best security best practices for VM images. It’s definitely some reassuring news during some very troubling times for Intel.Further reading: AMD, Azure, Intel, Microsoft