Shulou(Shulou.com)11/24 Report--

CTOnews.com, April 22, Microsoft released patches for multiple Win10 and Win11 systems last month to fix MMIO outdated data vulnerabilities. Microsoft today again released updates to the original Win10 (Version 1507) and Windows Server 2016 to fix the above vulnerabilities.

CTOnews.com is described in the attached Microsoft Security Bulletin as follows:

Processor MMIO stale data vulnerabilities are a class of memory-mapped I / O (MMIO) vulnerabilities that expose data. When the processor kernel reads or writes MMIO, it is usually done with memory types that are not cacheable or written, and are routed through uncore. Uncore is a logical part of CPU shared by the physical processor kernel and can provide a variety of common services. Malicious visitors may use non-core buffers and mapping registers to leak information from different hardware threads within or across the same physical core.

An attacker who successfully exploits these vulnerabilities may be able to read privileged data across trust boundaries. Vulnerabilities that may exploit these vulnerabilities in a shared environment (allowing the correct configuration of cloud services in these resources) an attacker may have cross-domain access to privileged data.

On these independence in non-browsing scenarios, the attacker must first access the system or be able to run specially designed warp knitting applications on the target system to exploit system vulnerabilities.

Users who still use Win10 (Version 1507) and Windows Server 2016 can click the link below to download:

KB5019179-Windows 10 version 1507-Microsoft Update Catalog

KB5019182-Windows Server 2016-Microsoft Update Catalog

Related readings:

"Microsoft and Intel warn: Win11/10/8.1 has MMIO obsolete data vulnerability, Linux has been fixed"

"Microsoft releases new patches for Win10 / Win11 to fix MMIO stale data vulnerabilities in Intel processors."

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.