Hardware vulnerability bypasses Spectre and Meltdown patches – CNET
A new hardware vulnerability bypassing previous Spectre and Meltdown protections has been found by Bitdefender researchers, CNET sister site ZDNet reported Tuesday. It affects all Windows systems with AMD or Intel processors since 2012 and can access protected memory.
Spectre and Meltdown are vulnerabilities uncovered in the chips that handle sensitive data like passwords and encryption keys. Chips originally affected when the vulnerability was revealed back in January 2018 included Intel and AMD or those designed by Arm.
The latest Spectre variant, called SWAPGSAttack and designated CVE-2019-1125, could be used to secretly monitor and take information off a computer. While it works around previous patches, you can protect yourself by using a security update released in July after Bitdefender worked with Intel and Microsoft on the issue for a year.
Microsoft's advisory says "an attacker who successfully exploited the vulnerability could read privileged data across trust boundaries."
"Customers who have Windows Update enabled and applied the security updates are protected automatically," a Microsoft spokesperson also told ZDNet.
"Intel, alRead More – Source