What you need to know
- A vulnerability could allow attackers to access information stored in a system's protected kernel memory.
- All Windows PCs with an Intel processor built after 2012 are affected.
- A security patch is available to address the problem and has already rolled out through July's Patch Tuesday.
A newly found vulnerability puts all Windows PCs with an Intel processor built after 2012 at risk (via ZDNet). The side-channel attack can bypass protections that were put in place to protect devices from the Spectre and Meltdown exploits. A bug fix to the issue rolled out as part of July Patch Tuesday. Devices that have delayed the update or that are unsupported are still at risk.
The bug exploits SWAPGS, and as a result has gained the name SWAPGSAttack. If an attacker successfully utilized SWAPGSAttack, they could monitor and steal sensitive information without being noticed or leaving a trace. Bitdefender has a post explaining the vulnerability (opens in new tab) and has published a whitepaper on it. The post explains how an attack taking advantage of this vulnerability is unique.
Bogdan Botezatu, director of threat research at Bitdefender, explained in a statement to ZDNet how the vulnerability could be used by an attacker to get sensitive data, including passwords.
This type of attack is slower than some methods but can be used in situations in which an attacker has a long time.
BitDefender discovered the vulnerability and revealed it at a Black Hat session recently. Black Hat worked with Intel, Microsoft, and others to create the fix that rolled out as part of Patch Tuesday in July.
Portable (and affordable) power accessories we love
Each and every one of these charging gadgets will keep your favorite gear and gadgets going for longer, and none of them costs more than $30.
VisionTek 8,000 mAh micro-USB power bank (opens in new tab) ($13 at Dell)
This compact dual-output powerbank can speedily recharge any and all your devices, thanks to a two-amp "fast charge feature," using its micro-USB out port. Its simple design includes an LED indicator, and it costs about as much as a single ticket to the movies.
Panasonic eneloop AA batteries (opens in new tab) (From $13 at Dell)
Panasonic's rechargeable batteries are among the best available, and just a couple of them will keep your favorite remote, mice or other peripherals powered up when you need them. They're also eco. And the company's affordable charger (opens in new tab) fits and charges both AA and AAA batteries at the same time.
Belkin Qi Wireless Charging Pad (opens in new tab) ($30 at Dell)
This unobtrusive Qi wireless charging pad looks good (and kind of like a UFO …) and easily charges all your Qi-compatible device up to 5W. Its LED indicator lights up when you're charging. And it costs just $30.
Sean Endicott brings nearly a decade of experience covering Microsoft and Windows news to Windows Central. He joined our team in 2017 as an app reviewer and now heads up our day-to-day news coverage. If you have a news tip or an app to review, hit him up at email@example.com (opens in new tab).
That it! *boots his 8088*
Let me know when you finally load up DOS in a few days. 😜
It needs to be added to the article that this kind of attack CANNOT be exploited remotely. They need physical access to the machine, and careful and time-consuming analysis of the memory subsystems timing to capture the information, so this won't be in any "drive-by" attack, ever.
Get the best of Windows Central in in your inbox, every day!
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.