Microsoft has released out-of-band security updates for 'Memory Mapped I/O Stale Data (MMIO)' information disclosure vulnerabilities in Intel CPUs.
The Mapped I/O side-channel vulnerabilities were initially disclosed by Intel on June 14th, 2022, warning that the flaws could allow processes running in a virtual machine to access data from another virtual machine.
This class of vulnerabilities is tracked under the following CVEs:
- CVE-2022-21123 - Shared Buffer Data Read (SBDR)
- CVE-2022-21125 - Shared Buffer Data Sampling (SBDS)
- CVE-2022-21127 - Special Register Buffer Data Sampling Update (SRBDS Update)
- CVE-2022-21166 - Device Register Partial Write (DRPW)
As part of the June Patch Tuesday, Microsoft also published ADV220002 with information on the types of scenarios that these vulnerabilities could impact.
"An attacker who successfully exploited these vulnerabilities might be able to read privileged data across trust boundaries," explained Microsoft.
"In shared resource environments (such as exists in some cloud services configurations), these vulnerabilities could allow one virtual machine to improperly access information from another."
"In non-browsing scenarios on standalone systems, an attacker would need prior access to the system or an ability to run a specially crafted application on the target system to leverage these vulnerabilities."
However, according to Microsoft's advisory, no security updates were released except mitigations applied for Windows Server 2019 and Windows Server 2022.
Microsoft has released a somewhat confusing set of security updates for Windows 10, Windows 11, and Windows Server that address these vulnerabilities.
From the support bulletins, it is unclear if they are new Intel microcodes or other mitigations that will be applied to devices.
These updates are being released as manual updates in the Microsoft Update Catalog:
- KB5019179 - Windows 10 Enterprise LTSB 2015 version 1507
- KB5019180 - Windows 10, version 20H2, 21H2, and 22H2
- KB5019177 - Windows 11, version 21H2
- KB5019178 - Windows 11, version 22H2
- KB5019182 - Windows Server 2016
- KB5019181 - Windows Server 2019
- KB5019106 - Windows Server 2022
These are likely being released as optional, manual updates as the mitigations for these vulnerabilities can cause performance issues, and the flaws may not be fully resolved without disabling Intel Hyper-Threading Technology (Intel HT Technology) in some scenarios.
Therefore, it is strongly advised that you read both Intel's and Microsoft's advisories before applying these updates.
Comments
Pkshadow - 1 year ago
I think this Link will allow lookup to see if are affected or not.
https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html
That is a wack of processors affected. Most people will never know since it is Optional.
noelprg4 - 1 year ago
you missed one update Lawrence.
KB5019179 for Windows 10 Enterprise LTSB 2015 version 1507:
https://support.microsoft.com/help/5019179
and yes, these updates DO update the mcupdate_GenuineIntel.dll file, which is the "intel microcode update library" dll file for Windows
also these updates are currently only available thru MS Update Catalog and are not offered thru windows update nor thru WSUS
Lawrence Abrams - 1 year ago
Thanks..added