Kaspersky Threats

KLA11291
Microsoft Guidance for Lazy Floating Point State Restore

Обновлено: 26/06/2019

Дата обнаружения	13/06/2018
Уровень угрозы	Warning
Описание	Speculative store bypass vulnerability in Microsoft Windows systems can be exploited to bypass security restrictions. On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre and Meltdown) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. On June 13, 2018, an additional vulnerability involving side channel speculative execution, known as Lazy FP State Restore, has been announced and assigned CVE-2018-3665.
Пораженные продукты	Windows Server 2012 R2 (Server Core installation) Windows 10 for x64-based Systems Windows 8.1 for x64-based systems Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	ADV180016
Связанные продукты	Microsoft Windows Microsoft Windows Server
Microsoft official advisories	Microsoft Security Update Guide
KB list	4338824 4338830 4338820 4338815 4338818 4338829 4338823 4338816 4345455 4338831 4345459 4345424 4338821 4345425 4343899 4343900 4341832