Security alert - Meltdown and Spectre vulnerabilities

Dynatrace is currently investigating and mitigating the potential impact caused by the Meltdown and Spectre vulnerabilities. Dynatrace systems are already patched or will be patched after updates become available and are thoroughly tested.

Impact: Current investigation shows that Dynatrace software is not directly affected in terms of security, but we will continue to investigate. However, Dynatrace highly recommends patching operating systems and hypervisors of systems running Dynatrace software on-premises (except for systems running Enterprise Synthetic Monitoring). See below for specific details.

Dynatrace

SaaS

Meltdown: All systems patched as of Jan 4th. Customers will not notice a performance impact.

Spectre: Impacts Synthetic monitoring capabilities and we are currently investigating upcoming patches from operating system and web browser vendors. Other Dynatrace capabilities are not directly impacted but are still being patched and investigated.

Managed

Meltdown: Dynatrace Mission Control systems are patched as of Jan 4th. Customers are advised to patch hypervisors and operating systems running Dynatrace on-premises components. Current tests have not shown any significant performance impact caused by operating system patches. Performance impact by hypervisor patches depends on hypervisor technology and workload, ranging from negligible to noticeable. Dynatrace Mission Control will notify customers if noticeable impacts due to patches are observed.

Spectre: Customers are advised to patch operating systems running Dynatrace on-premises components. Current tests have not shown noticeable performance impact caused by operating system patches. Synthetic monitoring capabilities are currently being investigated for upcoming patches from operating system and web browser vendors. Other Dynatrace capabilities are not directly impacted but are still being patched and investigated.

Application Monitoring (AppMon)

Meltdown: Customers are advised to patch hypervisors and operating systems running Dynatrace on-premises components. Current tests have not shown any significant performance impact caused by operating system patches. Performance impact by hypervisor patches depends on hypervisor technology and workload, ranging from negligible to noticeable.

Spectre: Customers are advised to patch operating systems running Dynatrace on-premises components. Current tests have not shown noticeable performance impact caused by operating system patches.

Synthetic Monitoring

Meltdown: Partially patched, further patching ongoing.

Spectre: We are currently investigating JavaScript-based exploits and are testing upcoming operating system and web browser updates.

Data Center RUM

Meltdown: Customers are advised to patch hypervisors and operating systems running Dynatrace Data Center Real User Monitoring on-premises components. Current tests have not shown any significant performance impact caused by operating system patches. Performance impact by hypervisor patches depends on hypervisor technology and workload, ranging from negligible to noticeable.

Spectre: Customers are advised to patch operating systems running Dynatrace Data Center Real User Monitoring components. Current tests have not shown noticeable performance impact caused by operating system patches.

Enterprise Synthetic Monitoring (ESM)

Meltdown and Spectre: When Microsoft Windows updates KB4056892, KB4056888, KB4056895 or KB4056898 are applied to a system running ESM Agent or Agent Manager, ESM monitoring and communication will be halted after a reboot. We have developed and tested an ESM 12.5.x patch based on a workaround proposed by Microsoft. The link to download the patch and detailed instructions on how to apply it, can be found here. A patch for ESM 12.4.x is currently being verified. Please note that Microsoft is also working on a resolution and will provide an update in an upcoming release.