KLA11291
Microsoft Guidance for Lazy Floating Point State Restore
Обновлено: 26/06/2019
Дата обнаружения
13/06/2018
Уровень угрозы
Warning
Описание

Speculative store bypass vulnerability in Microsoft Windows systems can be exploited to bypass security restrictions.

On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre and Meltdown) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees.

On June 13, 2018, an additional vulnerability involving side channel speculative execution, known as Lazy FP State Restore, has been announced and assigned CVE-2018-3665.

Пораженные продукты

Windows Server 2012 R2 (Server Core installation)
Windows 10 for x64-based Systems
Windows 8.1 for x64-based systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
ADV180016
Связанные продукты
Microsoft Windows
Microsoft Windows Server
Microsoft official advisories
Microsoft Security Update Guide
KB list

4338824
4338830
4338820
4338815
4338818
4338829
4338823
4338816
4345455
4338831
4345459
4345424
4338821
4345425
4343899
4343900
4341832