Microsoft, Intel issue urgent warnings about MMIO Stale Data vulnerability on Windows 11, 10
These security flaws are related to the memory mapped I/O (MMIO) component of the CPU, and are therefore collectively known as "MMIO Stale Data Vulnerabilities". After successfully abusing a vulnerable system, a threat actor can simply read privileged information on the system.
In the recently released ADV220002 security advisory document, Microsoft describes the following potential attack scenarios:
'An attacker who successfully exploited these vulnerabilities could read privileged data on the system across trust boundaries. In shared resource environments (such as in some cloud service configurations), these vulnerabilities could allow one virtual machine to improperly access information from another. Given the situation on standalone systems, an attacker would need prior access to the system or the ability to run a specially designed application on the target system to take advantage of these vulnerabilities.
The list of vulnerabilities that have been documented and tracked includes:
- CVE-2022-21123 - Shared Buffer Data Read (SBDR)
- CVE-2022-21125 - Shared Buffer Data Sampling (SBDS)
- CVE-2022-21127 - Special Register Buffer Data Sampling Update (SRBDS Update)
- CVE-2022-21166 - Device Register Partial Write (DRPW)
MMIO uses the processor's physical memory address space to access I/O devices, which can respond as memory elements. According to the security advisory document INTEL-SA-00615, Intel has also described in more detail how the vulnerability can be exploited using the CPU's uncached cache data:
The MMIO Stale Data vulnerabilities are a type of memory-mapped I/O (MMIO) vulnerability that can expose data. When a processor core initiates an MMIO read or write process, the transaction is typically performed with non-storable or write-associated memory types and is passed through non-volatile memory, which is a logical part in the shared CPU. shared by the processor cores and provides a number of common services.
[.] These vulnerabilities involve a series of operations that result in stale data being read directly into the architecture, software-visible state, or sampled from buffers or registers. In some attack cases, stale data may already be in the microarchitecture cache. For other attack scenarios, malicious actors can transfer data from microarchitecture locations such as fill buffers.
Analysis from Microsoft shows that the following versions of Windows may be affected by the vulnerability:
- Windows 11
- Windows 10
- Windows 8.1
- Windows Server 2022
- Windows Server 2019
- Windows Server 2016
The list of affected CPUs along with the corresponding mitigation measures are given as follows:
The full list of affected CPU models can be found on Intel's official website, in the 2022 section.
You should read it
- Serious security vulnerability on Intel chips
- New dangerous vulnerability in Intel CPU: Works like Specter and Meltdown, threatening all PCs and the cloud
- Intel continues to have a Plundervolt security vulnerability that reduces CPU voltage
- Intel's chip has eight new serious vulnerabilities
- Intel has overcome serious vulnerabilities in graphics drivers for Windows
- Foreshadow - the fifth most serious security hole in the CPU in 2018
- Microsoft and Intel cooperated to provide microcode updates for the CPU via Windows updates
- The new vulnerability on Intel allows hackers to take control of your computer within 30 seconds
- AMD and ARM both warned of security flaws like Intel processors
- Microsoft expert discovered a series of serious code execution errors in IoT, OT devices
- Microsoft rewards $ 250,000 for any talent that discovers the new Meltdown and Specter vulnerabilities
- Microsoft fixes 8 critical vulnerabilities
Maybe you are interested
How to use the Round function in Excel to round numbers and process data
How to Overwrite Deleted Data on a Drive in Windows 11/10
How to sort data in Excel using Sort is extremely simple
How to stay safe from 'SpyLoan' Android apps that use your data to blackmail you
6 Excel functions to find data quickly
Email threatening to reveal private data from Microsoft may be a scam