ADV180016

Описание

Executive summary

On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre and Meltdown) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. On June 13, 2018, an additional vulnerability involving side channel speculative execution, known as Lazy FP State Restore, has been announced and assigned CVE-2018-3665.

An attacker, via a local process, could cause information stored in FP (Floating Point), MMX, and SSE register state to be disclosed across security boundaries on Intel Core family CPUs through speculative execution. An attacker must be able to execute code locally on a system in order to exploit this vulnerability, similar to the other speculative execution vulnerabilities. The information that could be disclosed in the register state depends on the code executing on a system and whether any code stores sensitive information in FP register state.

The security boundaries that may be affected by this vulnerability include virtual machine, kernel, and process.

Recommended actions

1. Register for security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.
2. Review https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html
3. Apply security updates.

FAQ

1. Is lazy restore enabled by default and can it be disabled?

In affected versions of Windows (see the Affected Products table), lazy restore is enabled by default and cannot be disabled by the user or administrator.

2. Are VMs in Azure affected?

Customers running VMs in Azure are not at risk from this variant. No action is required.

3. What is the CVSS value for this vulnerability?

CVSS - 4.3 Medium CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N