Lazy FP State Restore security vulnerability affects Intel CPUs

2 minute read

Home » News » Lazy FP State Restore security vulnerability affects Intel CPUs

Intel CPUs have been recently hit by a new flaw called Lazy FP State Restore and the tech company already confirmed the new bug. All vendors are in a hurry to roll out security updates to enhance CPU security for their customers. Microsoft is one of the tech firms that provided advice for dealing with the bug in a recent advisory. The company confirmed that security patches are currently being developed and they will be rolled out shortly.

Microsoft will release the fix on July Patch Tuesday

It seems that Microsoft will not send out these patches when they are ready, and the company is just waiting for the next Patch Tuesday to deliver them. This is scheduled for July 10. The company explains in its advisory that the bug is enabled by default in Windows and unfortunately this flaw cannot be disabled. The vulnerability also affects the kernel, virtual machines, and processes. The good news is that users running virtual machines in Microsoft Azure are protected.

Here’s how the flaw works

In its advisory, Microsoft explains that a hacker is able to cause data stored in the Floating Point, MMX and SSE register state to be leaked across security boundaries on Intel Core family CPUs via a speculative execution. In order to exploit this flaw, the hacker must be able to execute code locally on a system. This is quite similar to the other speculative execution vulnerabilities.

Microsoft continues and explains that the data leaked in the register state depends on the code execution and on whether any code stores sensitive data in the FP register state.

Recommended actions

The tech giant also provides steps that have to be taken in order to prevent disaster:

  • Register for security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
  • Go to Intel’s website
  • Apply security updates when they become available in a future Update Tuesday.

Head over to Microsoft’s advisory and read all the details on the Lazy FP State Restore flaw.

RELATED STORIES TO CHECK OUT:

Discussions

Next up

NVIDIA GeForce Experience error code 0x0001 [SIMPLE FIXES]

Vlad Turiceanu By: Vlad Turiceanu
3 minute read

Nvidia GeForce Experience is a useful application, but many users reported error code 0x0001 while using Nvidia GeForce Experience. Today we’ll take a look at […]

Continue Reading

How to make Skype work on iPad Mini [ULTIMATE GUIDE]

Mihai Duna avatar. By: Mihai Duna
2 minute read

IPad owners where left frustrated after Skype dropped support for earlier versions of iOS. When trying to install Skype on their iPads, an error message […]

Continue Reading

Your browser does not support WebGL [FIXED BY EXPERTS]

Mihai Duna avatar. By: Mihai Duna
2 minute read

Many Windows 10 users reported not being able to run WebGL supported websites. Error message WebGL is not supported pops up disallowing 2D and 3D […]

Continue Reading