To follow up with our last announcement, the update we've been rolling out has been to address a few important issues that would make it easy for attackers to crash our servers or cause significant lag.
The reason we didn't go into more detail earlier was to prevent creative minds out there to use it against us before we are able to fully patch our infrastructure.
Our first mitigation, hours before our scheduled downtime, was to simply disable TCP selective acknowledgment, which is there to reduce bandwidth usage in case a packet got lost and has to be retransmitted. This typically is only relevant if you're experiencing an unstable connection, eg. due to networking issues. Temporarily disabling this avoids being susceptible to trivial server crashes by an attacker.
Additionally, we've rolled out bugfixes for a few related issues, which would allow attackers to significantly slow down our services with minimal to moderate effort.
If you want to know the full technical details, you can read up on it here:https://github.com/Netflix/security-bulletins/blob/ade0e4b2fa67006ee410678752dce2fdfe952e79/advisories/third-party/2019-001.md
Thanks for your patience and if you followed our recommendation at the end of the last post: Enjoy your coffee/tea :-)