Microsoft has claimed that it has, as yet, "observed no exploitation of this vulnerability, [but] it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware".
For those who can not apply the security updates, Microsoft advises either disabling RDP services if they are not required, blocking TCP port 3389 at the enterprise perimeter firewall, and/or enabling Network Level Authentication (NLA) on systems running supported editions of Windows 7, Windows Server 2008, and Windows Server 2008 R2. Those using out-of-support systems (like Windows 2003 and Windows XP), can download the KB4500705 update in which Microsoft has implemented the necessary security fixes. (Old hardware can run very nice versions of Linux, which cost nothing.) And if you're one of those stick-in-the-muds still running Windows 7, you have eight months to update those machines to Windows 10. It explains "Microsoft invests heavily in strengthening the security of its products, often through major architectural improvements that are not possible to backport to earlier versions of Windows".
Provided protection against a new subclass of speculative execution sidewall vulnerabilities, known as microarchitecture data sampling, for Windows 64-bit (x64) versions (CVE-2018-11091, CVE-2018-12126, CVE-2018- 12127, CVE-2018-12130). But this flaw is so serious that Microsoft has also issued a patch for Windows XP and its server brethren, which officially died five years ago.
Elsewhere, IT admins should also fix a zero-day flaw (CVE-2019-0863), which is being exploited in the wild and has also been publicly disclosed, meaning other hackers could use it in their own attacks.Читайте также: Villa into playoff final after shootout win over West Brom
Microsoft's May 2019 Patch Tuesday fixed 79 vulnerabilities, 19 of which are classed as Critical.
The latter is only a partial mitigation.
Security researchers have shown it is possible to exploit MDS vulnerabilities with attacks such as rogue in-flight data load (RIDL) and Fallout to glean secrets and sensitive information such as password and digital keys on recent Intel processors.
Windows 10 is the most popular OS in the world right now, after overtaking ageing Microsoft software Windows 7.При любом использовании материалов сайта и дочерних проектов, гиперссылка на обязательна.
«» 2007 - 2019 Copyright.
Автоматизированное извлечение информации сайта запрещено.
Код для вставки в блог