AMD Ryzen 3000, 4000 desktop chips, as well as Ryzen 5000, 4000, and some 7000 series mobile chips, are vulnerable to a new CPU vulnerability dubbed "Zenbleed". AMD confirms patches are coming soon.
Memory vulnerability RSS
A Redis server malware, that has been built on Rust, is infecting servers based on both Windows as well as Linux. Dubbed the "P2PInfect", this worm is able to exploit the Lua vulnerability.
Microsoft has cautioned about a bug fix it released with Patch Tuesday. The fix resolves a kernel issue in Windows but Microsoft has disabled it by default as it can potentially break something.
Microsoft has been working on integrating Rust into Windows for a while. A senior exec David Weston recently confirmed that Rust-based code will soon be booting inside Windows kernel.
An LPE security vulnerability under the ID CVE-2021-4034 was found by Linux security researchers at Qualys. The bug has been present for 12+ years and almost every major Linux distro is vulnerable.
HP has issued a list of its printers that are vulnerable to a new "Critical" buffer overflow bug that can lead to exploitation. Fortunately, patched firmware for these models has also been released.
AMD's Secure Memory Encryption (SME) feature will remain disabled by default in future Ryzen-based Linux PCs. That's because the feature has been found to be very problematic on some of those systems.
The latest Edge and Chrome Stable Channel builds contain a fix for a critical User-After-Free memory flaw which could allow attackers to execute malicious code upon successful exploitation.
