Critical Flaws in Computers Leave Millions of PCs Vulnerable

Discussion in 'Hardware Components and Aftermarket Upgrades' started by Dr. AMK, Nov 21, 2017.

  1. tilleroftheearth

    tilleroftheearth Wisdom listens quietly...

    Reputations:
    5,042
    Messages:
    12,467
    Likes Received:
    2,436
    Trophy Points:
    631
    Dr. AMK, Papusan and Vasudev like this.
  2. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Reputations:
    31,807
    Messages:
    26,595
    Likes Received:
    48,999
    Trophy Points:
    931
    Nvidia Patches Eight Security Vulnerabilities Across Most Product Lines Tomshardware.com | March 1, 2019
    Most graphics drivers are exciting because they add support for new hardware, include optimizations for the latest games, or fix issues found in their predecessors. A batch of new drivers from Nvidia offers a different incentive: protection against eight vulnerabilities that could be used to conduct various attacks...
     
    Dr. AMK, tilleroftheearth and Vasudev like this.
  3. Dr. AMK

    Dr. AMK Living with Hope

    Reputations:
    3,496
    Messages:
    2,111
    Likes Received:
    4,378
    Trophy Points:
    281
    Maleko48 and Vasudev like this.
  4. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Reputations:
    31,807
    Messages:
    26,595
    Likes Received:
    48,999
    Trophy Points:
    931
    New "Thunderclap" Vulnerability Threatens to Infect Your PC Over Thunderbolt Peripherals Techpowerup.com | Mar 4, 2019

    A new security vulnerability named "Thunderclap" severely compromises security of computers with USB type-C Thunderbolt ports, or machines with Thunderbolt 3 (40 Gbps) ports. This would be pretty much every MacBook released in the past two years, Macs, and PCs with certain aftermarket Thunderbolt 3 adapters. Chronicled in a paper by the Department of Computer Science and Technology at the University of Cambridge, Rice University and SRI International, is a method for Thunderbolt devices to bypass the host machine's IOMMU (I/O memory management unit), and read its main memory over DMA.

    An IOMMU translates address-spaces between devices and main memory, and hence protects your memory's contents being read by just about any device. The group has detailed possible ways to mitigate this vulnerability, and forwarded these mitigations to Apple, Intel, and Microsoft. For now no public mitigation exists other than disabling the Thunderbolt controller of your machine in your motherboard's UEFI setup program.
     
    Starlight5, Ashtrix, Vasudev and 3 others like this.
  5. Papusan

    Papusan JOKEBOOKs Sucks! Dont waste your $$$ on FILTHY

    Reputations:
    31,807
    Messages:
    26,595
    Likes Received:
    48,999
    Trophy Points:
    931
    Intel’s Newest Spoiler: A Spectre-Style Hardware Exploit That Leaks Private Data Hothardware.com | Mar 5, 2019
    Just when we thought that the worst was over with respect to speculative execution hardware exploits like Spectre, we get hit with another whopper. Such is the case with a new Intel processor vulnerability dubbed Spoiler. Spoiler is similar in...

    Given that Spoiler was just revealed to the public, there are no current software mitigation solutions available. And there’s of course no timeline as to when a potential fix can be implemented in hardware or what kind of performance impact it would have.
     
  6. Dr. AMK

    Dr. AMK Living with Hope

    Reputations:
    3,496
    Messages:
    2,111
    Likes Received:
    4,378
    Trophy Points:
    281
    SPOILER alert, literally: Intel CPUs afflicted with simple data-spewing spec-exec vulnerability
    'Leakage ... is visible in all Intel generations starting from first-gen Core CPUs'

    https://www.theregister.co.uk/2019/03/05/spoiler_intel_processor_flaw/
    [​IMG]

    Updated Further demonstrating the computational risks of looking into the future, boffins have found another way to abuse speculative execution in Intel CPUs to steal secrets and other data from running applications.
     
  7. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    7,087
    Messages:
    20,399
    Likes Received:
    25,150
    Trophy Points:
    931
    More info in this thread too:
    http://forum.notebookreview.com/thr...atches-and-more.812424/page-120#post-10875985
     
  8. jclausius

    jclausius Notebook Virtuoso

    Reputations:
    5,197
    Messages:
    3,164
    Likes Received:
    2,332
    Trophy Points:
    231
  9. Dr. AMK

    Dr. AMK Living with Hope

    Reputations:
    3,496
    Messages:
    2,111
    Likes Received:
    4,378
    Trophy Points:
    281
    Microsoft Releases Patches for 64 Flaws — Two Under Active Attack
    https://thehackernews.com/2019/03/microsoft-windows-security-updates.html
    [​IMG]
    It's time for another batch of "Patch Tuesday" updates from Microsoft.

    Microsoft today released its March 2019 software updates to address a total of 64 CVE-listed security vulnerabilities in its Windows operating systems and other products, 17 of which are rated critical, 45 important, one moderate and one low in severity.

    The update addresses flaws in Windows, Internet Explorer, Edge, MS Office, and MS Office SharePoint, ChakraCore, Skype for Business, and Visual Studio NuGet.
     
    Riley Martin, Vasudev and hmscott like this.
  10. Dr. AMK

    Dr. AMK Living with Hope

    Reputations:
    3,496
    Messages:
    2,111
    Likes Received:
    4,378
    Trophy Points:
    281
    Riley Martin, Vasudev and hmscott like this.
Loading...

Share This Page