Intel has issued firmware updates, as well as a security advisory of its own that addresses what it called "Microarchitectural Data Sampling," or MDS vulnerabilities. In most cases, software updates - like those generated by Microsoft - will need to be combined with firmware updates from Intel and/or computer makers, called OEMs for "original equipment manufacturers." All resemble the Spectre and Meltdown flaws of early 2018 in that they were found within the firmware of microprocessors from Intel. The bug patched for Windows XP and Server 2003 is one of four disclosed Tuesday by a small host of security researchers. In that case, Microsoft supplied patches to Windows XP, Windows 8 and Windows Server 2003, all of which had already been retired. Pope's reference to WannaCry is notable because the last time Microsoft patched Windows XP was in May and June 2017, when it tried to stop the spread of the virulent ransomware. In fact, some IT administrators reported that a Windows Server-powered "honeypot" - a system purposefully designed to attract malicious attention - has been undergoing constant attacks from locations in Asia and elsewhere. In other words, the vulnerability is 'wormable,' meaning that any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017," he wrote. Although Pope said the bug has yet to be publicly exploited, he made it sound like that was just a matter of time.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |