Ekco Cloud Edinburgh Status

Linux Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)

Identified - Solution has been identified and we have contacted customers.
If you have not not been contacted and need assistance with this, please contact us via: support@ek.co
Jan 28, 10:03 GMT

Investigating - We are currently investigating a Linux vulnerability (CVE-2021-4034). Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged processes. It is also possible to use polkit to execute commands with elevated privileges using the command pkexec followed by the command intended to be executed (with root permission).
Jan 27, 10:14 GMT

About This Site

Welcome to the Ekco Cloud UK Status Page. If you have any questions, please email us at support@ek.co.

Cloud Operational

Compute Operational

Storage Operational

Management Operational

Backup & DR Operational

Veeam Cloud Connect Operational

Zerto Operational

Network Operational

External Transit Operational

AWS Direct Connect Operational

Private Interconnect Operational

Datacenter Interconnect Operational

Public Peering Operational

Papertrail Log Collection Operational

AWS ec2-eu-west-1 Operational

AWS ec2-eu-west-2 Operational

AWS cloudfront Operational

Operational

Degraded Performance

Partial Outage

Major Outage

Maintenance

Past Incidents

Jan 28, 2022

Unresolved incident: Linux Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034).

Jan 27, 2022

Jan 26, 2022

No incidents reported.

Jan 25, 2022

No incidents reported.

Jan 24, 2022

No incidents reported.

Jan 23, 2022

No incidents reported.

Jan 22, 2022

No incidents reported.

Jan 21, 2022

No incidents reported.

Jan 20, 2022

vCloud Platform Compute Degradation (Telehouse West, UK)

Resolved - We have monitored the environment overnight and have seen no reoccurrence of this issue.

VMware are actively investigating the Logs and we are pushing them for root cause analysis. Ekco will provide a RFO on completion of the investigations internally and by VMware. Please continue to use support as normal and if you experience or notice any issues get in touch through our normal channels. If you have any further queries please contact your account manager or the support team who will be able to assist.
Jan 20, 09:03 GMT

Monitoring - A fix has been implemented and we are continuing to monitor the situation. Most customers should start to see their environments stabilise, for anyone continuing to see issues please raise a ticket with support@ek.co.
Jan 19, 19:19 GMT

Update - We are continuing to work on the fix for this issue.
Jan 19, 18:37 GMT

Identified - The issue has been identified and a fix is being implemented.
Jan 19, 17:40 GMT

Investigating - We have received multiple monitoring alerts indicating a problem with our compute clusterin the Telehouse West datacenter. A small number of client virtual machines were automatically restarted onto other members of the compute cluster by VMware High Availability (HA).

We are currently investigating the issue and working on a resolution. Further updates will follow
Jan 19, 17:26 GMT

Jan 19, 2022

CVE-2021-44228 - Log4J Critical Zero-day vulnerability

Resolved - This incident has been resolved.
Jan 19, 17:22 GMT

Investigating - We are aware of the wide-ranging vulnerability affecting Apache Log4j that was disclosed on Friday 10th December. We are presently reviewing all internal and customer-managed systems for exposure and applying any recommended updates and/or mitigations.

An engineer will be in contact regarding any specific mitigations required in customer environments.
Dec 13, 11:41 GMT

Jan 18, 2022

No incidents reported.

Jan 17, 2022

No incidents reported.

Jan 16, 2022

No incidents reported.

Jan 15, 2022

No incidents reported.

Jan 14, 2022

No incidents reported.