April 10, 2018—KB4093112 (OS Build 16299.371)

April 10, 2018—KB4093112 OS Build 16299.371 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Provides support to control usage of Indirect Branch Prediction Barrier IBPB within some AMD...

8 New Spectre-Class Vulnerabilities (Spectre-NG) Found in Intel CPUs

A team of security researchers has reportedly discovered a total of eight new "Spectre-class" vulnerabilities in Intel CPUs, which also affect at least a small number of ARM processors and may impact AMD processor architecture as well. Dubbed Spectre-Next Generation, or Spectre-NG, the partial...

APT Trends report Q1 2018

In the second quarter of 2017, Kaspersky's Global Research and Analysis Team GReAT began publishing summaries of the quarter's private threat intelligence reports in an effort to make the public aware of the research we have been conducting. This report serves as the next installment, focusing on...

AMD Acknowledges Newly Disclosed Flaws In Its Processors — Patches Coming Soon

AMD has finally acknowledged 13 critical vulnerabilities, and exploitable backdoors in its Ryzen and EPYC processors disclosed earlier this month by Israel-based CTS Labs and promised to roll out firmware patches for millions of affected devices 'in the coming weeks.' According to CTS-Labs...

microcode_ctl security update

CentOS Errata and Security Advisory CESA-2018:0093 The microcodectl packages provide microcode updates for Intel and AMD processors. This update supersedes microcode provided by Red Hat with the CVE-2017-5715 “Spectre” CPU branch injection vulnerability mitigation. Historically, Red Hat has...

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.4.111 and fixes several security issues. The most important fix in this update is for the security issue named "Meltdown" that is fixed in theese kernels by enabling kernel Page Table Isolation KTPI. Note that according to AMD, this issue does not...

SUSE-SU-2018:0041-1 Security update for kernel-firmware

This update for kernel-firmware fixes the following issues: - Add microcodeamdfam17h.bin bsc1068032 CVE-2017-5715 This new firmware enables the Indirect Branch Control IBC feature on AMD family 17h processor to mitigate an attack on the branch predictor that could lead to information disclosure...

(RHSA-2018:0040) Important: microcode_ctl security update

The microcodectl packages provide microcode updates for Intel and AMD processors. Security Fixes: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions a commonly used performance optimization. There are three primary...

[ASA-201701-35] linux-lts: privilege escalation

Arch Linux Security Advisory ASA-201701-35 ========================================== Severity: Medium Date : 2017-01-27 CVE-ID : CVE-2017-2583 Package : linux-lts Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-150 Summary ======= The package linux-lts before...

[ASA-201701-32] linux: privilege escalation

Arch Linux Security Advisory ASA-201701-32 ========================================== Severity: Medium Date : 2017-01-27 CVE-ID : CVE-2017-2583 Package : linux Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-149 Summary ======= The package linux before version...

Xen Information Disclosure Vulnerability (CNVD-2016-01947)

Xen is an open source virtual machine monitor product developed at the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports runtime migration to ensure uptime and avoid downtime. An information disclosure...

USN-2842-2 linux-lts-vivid vulnerabilities

Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS. CVE-2015-8104 郭永刚 discovered that the pp...