Η Microsoft κυκλοφόρησε έκτακτες ενημερώσεις ασφαλείας για τις ευπάθειες αποκάλυψης πληροφοριών “Memory Mapped I/O Stale Data (MMIO)” σε επεξεργαστές της Intel.
Mapped I/O side-channel security vulnerabilities were originally revealed by Intel on June 14, 2022, warning that they could allow processes running in one virtual machine to access data from another virtual machine.
This class of vulnerabilities is tracked with the following CVEs:
CVE-2022-21123 – Shared Buffer Data Read (SBDR)
CVE-2022-21125 – Shared Buffer Data Sampling (SBDS)
CVE-2022-21127 – Update special register cache data sampling (SRBDS Update)
CVE-2022-21166 – Device Registration Partial Record (DRPW)
According to Microsoft, no security updates have been released for these vulnerabilities except for a few fixes implemented for Windows Server 2019 and Windows Server 2022.
Today Microsoft released a somewhat confusing set of security updates for Windows 10, Windows 11, and Windows Server that address these vulnerabilities.
From the support bulletins, it is not clear if these are new Intel updates or other mitigations that will be applied to the devices.
These updates are released as manual updates in the Microsoft Update Catalog:
- KB5019180 – Windows 10, version 20H2, 21H2, and 22H2
- KB5019177 – Windows 11, version 21H2
- KB5019178 – Windows 11, version 22H2
- KB5019182 - Windows Server 2016
- KB5019181 - Windows Server 2019
- KB5019106 - Windows Server 2022
The above updates may be released as optional, with manual updates, but vulnerabilities may cause performance issues. Security vulnerabilities may not be fully resolved without disabling Intel Hyper-Threading Technology (Intel HT Technology) in some cases.
Therefore, it is recommended that you read the advice from both Intel and Microsoft before applying the updates.