Meltdown and Spectre vulnerabilities

All Dynatrace systems are patched.

Impact: Current investigation shows that Dynatrace software is not directly affected in terms of security, but we will continue to investigate. However, Dynatrace highly recommends patching operating systems and hypervisors of systems running Dynatrace software on-premises (except for systems running Enterprise Synthetic Monitoring). See below for specific details.

Dynatrace

SaaS

Meltdown: All Dynatrace systems are patched. Customers will not notice a performance impact.

Spectre: All Dynatrace systems are patched. Customers will not notice a performance impact.

Managed

Meltdown: All Dynatrace Mission Control systems are patched. Customers are advised to patch hypervisors and operating systems running Dynatrace on-premises components. Current tests have not shown any significant performance impact caused by operating system patches. Performance impact by hypervisor patches depends on hypervisor technology and workload, ranging from negligible to noticeable.

Spectre: Customers are advised to patch operating systems running Dynatrace on-premises components. Current tests have not shown noticeable performance impact caused by operating system patches.

Application Monitoring (AppMon)

Meltdown: Customers are advised to patch hypervisors and operating systems running Dynatrace on-premises components. Current tests have not shown any significant performance impact caused by operating system patches. Performance impact by hypervisor patches depends on hypervisor technology and workload, ranging from negligible to noticeable.

Spectre: Customers are advised to patch operating systems running Dynatrace on-premises components. Current tests have not shown noticeable performance impact caused by operating system patches.

Synthetic Monitoring

Meltdown: All Dynatrace systems are patched.

Spectre: All Dynatrace systems are patched.

Data Center RUM

Meltdown: Customers are advised to patch hypervisors and operating systems running Dynatrace Data Center Real User Monitoring on-premises components. Current tests have not shown any significant performance impact caused by operating system patches. Performance impact by hypervisor patches depends on hypervisor technology and workload, ranging from negligible to noticeable.

Spectre: Customers are advised to patch operating systems running Dynatrace Data Center Real User Monitoring components. Current tests have not shown noticeable performance impact caused by operating system patches.

Enterprise Synthetic Monitoring (ESM)

Meltdown and Spectre: When Microsoft Windows updates KB4056892KB4056888KB4056895 or KB4056898 are applied to a system running ESM Agent or Agent Manager, ESM monitoring and communication will be halted after a reboot. We have developed and tested an ESM 12.5.x and ESM 12.4.x patch based on a workaround proposed by Microsoft. The link to download the patch and detailed instructions on how to apply it, can be found on the specific page for ESM 12.5.x and ESM 12.4.x. Please note that Microsoft is also working on a resolution and will provide an update in an upcoming release.

Get article updates or report security vulnerabilities


Dynatrace takes a proactive approach in communicating security vulnerability information to customers. Learn more about Dynatrace security and our security policy. To report a security issue, email security@dynatrace.com.

RSS feed Report issue