Microsoft, Intel issue urgent warnings about MMIO Stale Data vulnerability on Windows 11, 10
These security flaws are related to the memory mapped I/O (MMIO) component of the CPU, and are therefore collectively known as "MMIO Stale Data Vulnerabilities". After successfully abusing a vulnerable system, a threat actor can simply read privileged information on the system.
In the recently released ADV220002 security advisory document, Microsoft describes the following potential attack scenarios:
'An attacker who successfully exploited these vulnerabilities could read privileged data on the system across trust boundaries. In shared resource environments (such as in some cloud service configurations), these vulnerabilities could allow one virtual machine to improperly access information from another. Given the situation on standalone systems, an attacker would need prior access to the system or the ability to run a specially designed application on the target system to take advantage of these vulnerabilities.'
The list of vulnerabilities that have been documented and tracked includes:
- CVE-2022-21123 - Shared Buffer Data Read (SBDR)
- CVE-2022-21125 - Shared Buffer Data Sampling (SBDS)
- CVE-2022-21127 - Special Register Buffer Data Sampling Update (SRBDS Update)
- CVE-2022-21166 - Device Register Partial Write (DRPW)
MMIO uses the processor's physical memory address space to access I/O devices, which can respond as memory elements. According to the security advisory document INTEL-SA-00615, Intel has also described in more detail how the vulnerability can be exploited using the CPU's uncached cache data:
The MMIO Stale Data vulnerabilities are a type of memory-mapped I/O (MMIO) vulnerability that can expose data. When a processor core initiates an MMIO read or write process, the transaction is typically performed with non-storable or write-associated memory types and is passed through non-volatile memory, which is a logical part of the CPU that is shared by the processor cores and provides a number of common services.
[...] These vulnerabilities involve a series of operations that result in stale data being read directly into the architecture, software-visible state, or sampled from buffers or registers. In some attack cases, stale data may already be in the microarchitecture cache. For other attack scenarios, malicious actors can transfer data from microarchitecture locations such as fill buffers.
Analysis from Microsoft shows that the following versions of Windows may be affected by the vulnerability:
- Windows 11
- Windows 10
- Windows 8.1
- Windows Server 2022
- Windows Server 2019
- Windows Server 2016
The list of affected CPUs along with the corresponding mitigation measures is given as follows:
The full list of affected CPU models can be found on Intel's official website, in the 2022 section.