Another vulnerability in the vulnerable like Swiss cheese security processors from Intel. Bitdefender researchers have found another weak spot in blue chips that allowed attack on all computers equipped with Ivy Bridge and newer processors. Fortunately, the problem was solved with one of the last patches for Windows, but the whole thing does not put Bob Swan in the best light.
The vulnerability just disclosed has been named as SWAPGS and can be found in all new Intel chips released since 2012. Fortunately, in the case of AMD we can feel safe, because according to red their processors do not have the vulnerability described. SWAPGS is based on similar solutions, which were discussed on the occasion of Specter and Meltdown, but also bypasses the protective mechanisms introduced in patches for these vulnerabilities.
https://dllxfiles.com/ – Download missing DLLs
Again, the matter concerns the speculative code execution mechanism, and the attack itself uses a side channel to execute instructions from the system kernel. By skilfully using the vulnerability, you can cause a data leak from the kernel memory, which we don’t normally have access to. It regards, among others for passwords, encryption keys, tokens and various types of credentials. Importantly, the problem only affects Windows and was not recognized on any of the tested Linux distributions.
RIDL, Fallout and ZombieLand – new attacks exploiting MDS vulnerabilities in Intel processors
Bitdefender has worked closely with Intel and Microsoft, which resulted in the preparation and release of Windows for Windows, which most of you have already installed since July 9 this year. No additional microcode update is required in this case. Thus, we can rather feel safe, at least until the next vulnerability is discovered, which, looking at the frequency of such discoveries, should take place soon.