CVE-2018-8897 issued affecting all x86-x64 kernels multi-OS affected.

[Mando]

Linux, Windows, macOS, FreeBSD, and some implementations of Xen have a design flaw that could allow attackers to, at best, crash Intel and AMD-powered computers.

 

At worst, miscreants can, potentially, "gain access to sensitive memory information or control low-level operating system functions,” which is a fancy way of saying peek at kernel memory, or hijack the critical code running the machine.

The vulnerabilities can be exploited by malware running on a computer, or a malicious logged-in user. Patches are now available to correct the near-industry-wide programming blunders.

 

Source :- https://www.theregister.co.uk/2018/05/09/intel_amd_kernel_privilege_escalation_flaws/

CVE Article :- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8897

Ms article for all supported Windows :- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8897

 

 

 

 

 

[DConnell Member]

2 hours ago, Mando said:

At worst, miscreants can

Miscreants? lol "Confound it! Those dastardly hackers have absconded with our data!"

 

More and more it seems like we're running our programs on swiss cheese ...