Vulnerability Management, Threat Management

Intel CPU bugs addressed in new Windows updates

New security updates have been issued by Microsoft to remediate several Memory Mapped I/O Stale Data side-channel information disclosure flaws discovered in Intel CPUs, reports BleepingComputer. Such vulnerabilities, tracked as CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166, could be exploited to enable virtual machine data access for processes in a separate virtual machine. "An attacker who successfully exploited these vulnerabilities might be able to read privileged data across trust boundaries. In shared resource environments (such as exists in some cloud services configurations), these vulnerabilities could allow one virtual machine to improperly access information from another," said Microsoft. Microsoft also noted that threat actors could exploit the flaws in non-browsing scenarios on standalone systems by obtaining prior system access or executing a particular application on the targeted system. Updates are available for Windows 10 versions 20H2, 21H2, and 22H2, Windows 11 versions 21H2 and 22H2, and Windows Server 2016, 2019, and 2022 through the Microsoft Update Catalog.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.