Windows 10 gets silent security patch to deal with SWAPGS vulnerability
Windows PCs with Intel and AMD chips might be vulnerable again, as Spectre returns after almost a year.
New SWAPGS vulnerability bypasses previous mitigations
This time, the designated CVE-2019-1125 issue similar to Spectre and Meltdown is more powerful and bypasses previous security barriers. The SWAPGS vulnerability mainly affects Intel CPUs produced after 2012.
The vulnerability reads sensitive kernel memory and a malware attack could use it to get passwords and encryption keys out of RAM.
As such, Microsoft released a silent patch to address the problem. The update to the Linux kernel was part of last month’s Patch Tuesday, but it wasn’t revealed until recently, at the BlackHat security conference.
Updating the kernel seems to solve the problem
Here’s what RedHat had to say about CVE-2019-1125:
Red Hat has been made aware of an additional spectre-V1 like attack vector, requiring updates to the Linux kernel. This additional attack vector builds on existing software fixes shipped in previous kernel updates. This vulnerability only applies to x86-64 systems using either Intel or AMD processors.
This issue has been assignedCVE-2019-1125and is ratedModerate.
An unprivileged local attacker can use these flaws to bypass conventional memory security restrictions to gain read access to privileged memory that would otherwise be inaccessible.
Because the kernel patch builds on existing spectre mitigations from previous updates, the only solution is updating the kernel and rebooting the system.
Neither AMD nor Intel are extremely concerned with the issue, and don’t have plans to release microcode updates because the vulnerability can be addressed in software.
Bitdefender, who originally found Spectre, created a page that will give you more info on how to protect your system against critical SWAPGS attacks.
Browsers are essential tools for surfing the Internet. Also, the interface of any browser is crucial for providing a user-friendly experience. However, this feature is […]
While using the Power Bi desktop app you may face some issues with your data and file. One such error is related to Power Bi […]
The built-in Windows Photos app allows you to edit photos as well as play videos of multiple formats apart from viewing images. Sometime, the app […]