Lazy FP State Restore security vulnerability affects Intel CPUs

By: Costea Lestoc
2 minute read

Intel CPUs have been recently hit by a new flaw called Lazy FP State Restore and the tech company already confirmed the new bug. All vendors are in a hurry to roll out security updates to enhance CPU security for their customers. Microsoft is one of the tech firms that provided advice for dealing with the bug in a recent advisory. The company confirmed that security patches are currently being developed and they will be rolled out shortly.

Microsoft will release the fix on July Patch Tuesday

It seems that Microsoft will not send out these patches when they are ready, and the company is just waiting for the next Patch Tuesday to deliver them. This is scheduled for July 10. The company explains in its advisory that the bug is enabled by default in Windows and unfortunately this flaw cannot be disabled. The vulnerability also affects the kernel, virtual machines, and processes. The good news is that users running virtual machines in Microsoft Azure are protected.

Here’s how the flaw works

In its advisory, Microsoft explains that a hacker is able to cause data stored in the Floating Point, MMX and SSE register state to be leaked across security boundaries on Intel Core family CPUs via a speculative execution. In order to exploit this flaw, the hacker must be able to execute code locally on a system. This is quite similar to the other speculative execution vulnerabilities.

Microsoft continues and explains that the data leaked in the register state depends on the code execution and on whether any code stores sensitive data in the FP register state.

Recommended actions

The tech giant also provides steps that have to be taken in order to prevent disaster:

  • Register for security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
  • Go to Intel’s website
  • Apply security updates when they become available in a future Update Tuesday.

Head over to Microsoft’s advisory and read all the details on the Lazy FP State Restore flaw.

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Discussions

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading