Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
Windows 10 gets silent security patch to deal with SWAPGS vulnerability
2 min. read
Published onAugust 7, 2019
published onAugust 7, 2019
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
Windows PCs withIntelandAMDchips might be vulnerable again, asSpectrereturns after almost a year.
New SWAPGS vulnerability bypasses previous mitigations
This time, the designated CVE-2019-1125 issue similar to Spectre and Meltdown is more powerful and bypasses previous security barriers.The SWAPGSvulnerabilitymainly affectsIntelCPUs produced after 2012.
Thevulnerabilityreads sensitive kernel memory and amalware attackcould use it to get passwords and encryption keys out of RAM.
As such,Microsoftreleased a silentpatchto address the problem. The update to the Linux kernel was part of last month’sPatch Tuesday, but it wasn’t revealed until recently, at theBlackHat security conference.
Updating the kernel seems to solve the problem
Here’s what RedHathad to sayaboutCVE-2019-1125:
Red Hat has been made aware of an additional spectre-V1 like attack vector, requiring updates to the Linux kernel. This additional attack vector builds on existing software fixes shipped in previous kernel updates. Thisvulnerabilityonly applies to x86-64 systems using eitherIntelorAMDprocessors.
This issue has been assignedCVE-2019-1125and is ratedModerate.
An unprivileged local attacker can use these flaws to bypass conventional memory security restrictions to gain read access to privileged memory that would otherwise be inaccessible.
Because thekernelpatchbuilds on existing spectre mitigations from previous updates, the only solution is updating the kernel and rebooting the system.
NeitherAMDnorIntelare extremely concerned with the issue, and don’t have plans to release microcode updates because thevulnerabilitycan be addressed in software.
Bitdefender, who originally found Spectre, createda pagethat will give you more info on how to protect your system against critical SWAPGS attacks.
More about the topics:amd,Cybersecurity,intel,windows 10
Vlad Turiceanu
Windows Editor
Passionate about technology,Windows, and everything that has a power button, he spent most of his time developing new skills and learning more about the tech world.
Coming from a solid background in PC building and software development, with a complete expertise in touch-based devices, he is constantly keeping an eye out for the latest and greatest!
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Vlad Turiceanu
Windows Editor
Coming from a solid background in PC building and software development, he’s a Windows 11 Privacy & Security expert.
