January 4, 2019 9:00 AM PST
AWS is aware of the two recent security issues disclosed within Kubernetes regarding the Kubernetes API server ("kubectl proxy"), and the Kubernetes Dashboard (CVE-2018-18264). Amazon Elastic Container Service for Kubernetes (EKS) is not affected by the "kubectl proxy" issue, and no customer action is required.
Amazon EKS does not install the Kubernetes Dashboard on customer clusters. For customers who have customized their EKS cluster and installed a version of the Kubernetes Dashboard older than v1.10.1, AWS recommends to upgrade the Kubernetes Dashboard to the latest version.