Intel microcode updates for Windows 10 and Server products

Microsoft issued a new security advisory for Intel microcode updates for Windows 10 versions 1903 and 1909. The updates also address a known vulnerability behind a Zombieload attack. In addition, a targeted update for Windows Server 2019 version 1903 was also available.

Continue Reading Intel microcode updates for Windows 10 and Server products

The top 20 vulnerabilities to patch now (that are most under attack)

Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization's patch management efforts.

Continue Reading The top 20 vulnerabilities to patch now (that are most under attack)

SWAPGS: Newest Spectre vulnerability affects millions of systems

Security researchers have found a new side-channel attack and vulnerability that affects millions of newer Intel microprocessors. The new vulnerability CVE-2019-1125 dubbed SWAPGS is a variant of Spectre Variant 1 and bypasses previous mitigations against Spectre and Meltdown.

Continue Reading SWAPGS: Newest Spectre vulnerability affects millions of systems

Cisco security updates for ASA, NX-OS Software, CPU side-channel vulnerabilities

Cisco released new security updates on Friday, two rated high severity and two medium severity, to address ASA, NX-OS and CPU side-channel vulnerablities that impact multiple products.

Continue Reading Cisco security updates for ASA, NX-OS Software, CPU side-channel vulnerabilities

Intel Spectre and Meltdown vulnerability guidance

Intel released new details of availability for microcode updates that address the Meltdown and Spectre design flaws in Intel processors. According to the company, Intel has stopped working on microcode updates for certain Intel processors as noted in the release.

Continue Reading Intel Spectre and Meltdown vulnerability guidance

Intel issues new Spectre/Meltdown patch guidance

Intel said the root cause of the reboot issues have been identified. To that end, the company said customers and partners should not install its current versions of Spectre/Meltdown patches rolled out earlier this month as they "may introduce higher than expected reboots and other unpredictable system behavior."

Continue Reading Intel issues new Spectre/Meltdown patch guidance

Oracle Critical Patch Update Advisory for January 2018

Oracle has released its Critical Patch Update Advisory for January 2018. The update includes 237 new security fixes for multiple Oracle products to include Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) Intel processor vulnerabilities.

Continue Reading Oracle Critical Patch Update Advisory for January 2018