Your one-stop web resource providing safety and security information to manufacturers

A security vulnerability in the virtualization software built into Intel’s hardware allows an attacker to execute code in Ring 0 of the CPU.

The problem affects 64-bit versions of Windows, Linux, FreeBSD and the Xen hypervisor.

Adobe Hotfix for ColdFusion
Adobe Patches ColdFusion Flaw
After Patch, APT’s Still Hit
Adobe Mac Updates Silenced

By manipulating the stack, an attacker from Ring 3 can get code executed in Ring 0 of the CPU to elevate their local privileges or escape the virtual machine jail.

The flaw seems to only affect Intel hardware – AMD and ARM CPUs do not suffer from the issue.

Cyber Security

To close the security hole, users should apply updates from their operating system supplier. To this end, Xen, FreeBSD and Microsoft published operating system specific details on the vulnerability. Linux vendor Red Hat also published two updates on the problem.

Pin It on Pinterest

Share This