New SWAPGS vulnerability on Windows affects Intel and AMD CPUs

Vulnerability testing specialists have revealed a security vulnerability that affects all Windows operating system computers running on Intel and AMD 64-bit processors. If exploited, these flaws could give a hacker access to passwords, private conversations, and other sensitive information stored in the operating system kernel memory. 

According to reports, the vulnerability takes advantage of the SWAPGS instruction, a function that makes the switch between user memory and kernel memory. Experts mention that because the vulnerability resides in this feature, virtually all Intel CPUs manufactured between 2012 until now are exposed to this flaw. Later reports states that, in addition to Intel CPUs, x86-64 systems using Intel or AMD processors are also exposed.

Expert groups and vulnerability testing firms have collaborated with Intel for over a year to fix this flaw and other “side channel vulnerabilities”. According to Bitdefender experts, this flaw is capable of bypassing any mitigation implemented since January 2018, when the Spectre and Meltdown vulnerabilities were discovered, to the present day.

Although some members of the cybersecurity community already knew this information, it was decided to wait for Microsoft to develop a solution for this flaw, which would be released as part of its periodic update package. Although companies rushed to release patches, experts believe it is still possible for attackers who know the exploit method to steal sensitive information.  

On the other hand, Microsoft stated, “We are aware of these flaws, we are now working with chip makers and other partners in the industry to develop the relevant fixes to protect user information. Updates were released in July and users with Microsoft Upadte enabled are automatically protected.”

Regarding the protection of Linux-based machines, vulnerability testing experts at the International Institute of Cyber Security (IICS) mention that Linux kernel updates are required, as well as some updates to the Linux kernel microcode, to correct the flaw.