Science

Hardware vulnerability bypasses Spectre and Meltdown patches – CNET

Your ads will be inserted here by

Easy Plugin for AdSense.

Please go to the plugin admin page to
Paste your ad code OR
Suppress this ad slot.

James Martin/CNET

A new hardware vulnerability bypassing previous Spectre and Meltdown protections has been found by Bitdefender researchers, CNET sister site ZDNet reported Tuesday. It affects all Windows systems with AMD or Intel processors since 2012 and can access protected memory.

Spectre and Meltdown are vulnerabilities uncovered in the chips that <a href="https://www.cnet.com/news/how-to-fix-meltdown-spectre-intel-amd-arm-windows-mac-android-ios/" rel="noreferrer noopener" target="_blank">handle sensitive data</a> like passwords and encryption keys. Chips originally affected when the <a href="https://www.cnet.com/news/spectre-meltdown-intel-arm-amd-processor-cpu-chip-flaw-vulnerability-faq/" rel="noreferrer noopener" target="_blank">vulnerability was revealed back in January 2018</a> included <a href="https://www.cnet.com/tags/intel/" rel="noreferrer noopener" target="_blank">Intel</a> and AMD or those designed by Arm. 

The latest Spectre variant, called SWAPGSAttack and designated CVE-2019-1125, could be used to secretly monitor and take information off a computer. While it works around previous patches, you can protect yourself by using a security update released in July after Bitdefender worked with Intel and <a href="https://www.cnet.com/tags/microsoft/" rel="noreferrer noopener" target="_blank">Microsoft</a> on the issue for a year. 

Microsoft's advisory says &quot;an attacker who successfully <a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125" rel="noreferrer noopener" target="_blank">exploited the vulnerability could read privileged data</a>​ across trust boundaries.&quot; 

&quot;Customers who have Windows Update enabled and applied the security updates are protected automatically,&quot; a Microsoft spokesperson also told ZDNet.  

&quot;Intel, al<a href="https://www.cnet.com/news/hardware-vulnerability-bypasses-spectre-and-meltdown-patches/#ftag=CAD590a51e" rel="noreferrer noopener" target="_blank"><strong>Read More – Source</strong></a>
[contf] [contfnew]

cnet
[contfnewc] [contfnewc]

Related Posts