• Windows devices that have the newest supported processors might be sus


    #2468662
    Hmmm… when did this occur? Susan hits view of details of web page to see when it was posted.
    Susan can’t find the publish date (they got rid of it a year or so ago and I can’t remember how you find it now – found via the RSS feed that it was today = https://support.microsoft.com/en-us/feed/rss/4ec863cc-2ecd-e187-6cb3-b50c6545db92)

    Susan goes to review original previews to see if they talked about this (this maybe?)

    • Addresses a known issue that affects certain GPUs and might cause apps to close unexpectedly or cause intermittent issues that affect some apps that use Direct3D 9. You might also receive an error in the Event Log in Windows Logs/Applications, and the faulting module is d3d9on12.dll and the exception code is 0xc0000094.

    Susan doesn’t see this on the health release dashboard.
    I’ve seen a report in comments that the only consumer impact they’ve traced it back to is bitcoin mining.
    Comment on BleepingComputer:
    “So the only consumer level applications I could find in a quick search that seemed to possibly be able to make use of VAES were cryptocurrency mining apps. Granted that doesn’t mean there weren’t other more obscure uses, however this doesn’t sound like it will impact the vast majority of home users. Enterprise use on the other hand, that could be significantly impacted depending on what sort of workloads actually use VAES.”
    Susan remembers an upcoming Black Hat presentation by Dustin Childs

    Calculating Risk in the Era of Obscurity: Reading Between the Lines of Security Advisories

    Brian Gorenc | Senior Director, Trend Micro Zero Day Initiative
    Dustin Childs | Sr. Communications Manager, Trend Micro Zero Day Initiative
    Date: Thursday, August 11 | 11:20am-12:00pm ( Islander EI (Level 1) )
    Format: 40-Minute Briefings

    Compliance with industry standards as well as various government regulations also requires a robust servicing and patching strategy. Beyond compliance, you must understand the risk to your resources from poor servicing. To help with this effort, standards exist to help assess risk. However, vendors can manipulate these standards, which can lead to errors when enterprises attempt to accurately gauge risk. Over time, vendors reduced the clarity of language in their advisories to the point where plain language about a bug no longer exists, leaving network defenders to speculate what the real risk from a product may be.
    There are occasions when vendors release patches that are nothing more than placebos – patches that make no code changes at all and leave administrators with a false sense of security. Similarly, vendors release incomplete patches that do not properly mitigate the vulnerability. Not only does this leave software in a vulnerable state after applying what should be a fix, it doubles the cost of patching, since now another patch must be applied to mitigate the risks incurred from applying the first patch and increases the risk of attack. Our conclusions are based on disclosing over 9,500 vulnerabilities over 17 years. This talk provides examples of systemic problems with security patches and how those problems negatively impact enterprise security. We propose methods to incentivize vendors to improve their servicing habits, including alternative disclosure timelines for failed patches. We encourage others disclosing vulnerabilities to adopt similar timelines and for customers to prioritize purchasing based on how vendors impact their risk through servicing.

    How about we include in that talk following RSS feeds of KB articles because where this stuff should be documented… it isn’t.

    Yes, Susan is now talking to herself.

    Susan Bradley Patch Lady

    • #2468680

      Summary

      Windows devices that support the newest Vector Advanced Encryption Standard (AES) (VAES) instruction set might be susceptible to data damage. The affected Windows devices use one of the following on new hardware:

      • AES XEX-based tweaked-codebook mode with ciphertext stealing (AES-XTS)
      • AES with Galois/Counter Mode (GCM) (AES-GCM).

      • #2468784

        Intel from 10th Gen Ice Lake 10nm mobile chips are affected
        AMD Zen 3-based Ryzen 5000 series desktop SKUs and Ryzen 5000 mobile are affected.
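As an added example (not from the original post, the replies above, or Microsoft's advisory), here is a C triage check a defender can run to see whether a machine's CPU advertises the VAES feature flag that defines the advisory's hardware condition. The bit positions come from the public Intel/AMD CPUID documentation (leaf 7 subleaf 0 ECX bit 9 for VAES, bit 10 for VPCLMULQDQ, leaf 1 ECX bit 25 for AES-NI); `in_scope` and the other function names are my own hypothetical helpers, and the live query only compiles on x86 with GCC/Clang.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>   /* GCC/Clang CPUID helpers */
#define HAVE_CPUID 1
#else
#define HAVE_CPUID 0
#endif
/* Feature bits as given in the public Intel/AMD CPUID documentation. */
#define LEAF1_ECX_AESNI   (1u << 25)  /* CPUID.01H:ECX[25]     AES-NI */
#define LEAF7_ECX_VAES    (1u << 9)   /* CPUID.(07H,0):ECX[9]  VAES (vector AES) */
#define LEAF7_ECX_VPCLMUL (1u << 10)  /* CPUID.(07H,0):ECX[10] VPCLMULQDQ, paired with VAES for GHASH/GCM */
struct aes_features { bool aesni; bool vaes; bool vpclmulqdq; };

/* Pure decoder over raw ECX values, so it can be tested without real hardware. */
struct aes_features decode_aes_features(uint32_t leaf1_ecx, uint32_t leaf7_ecx)
{
    struct aes_features f;
    f.aesni      = (leaf1_ecx & LEAF1_ECX_AESNI) != 0;
    f.vaes       = (leaf7_ecx & LEAF7_ECX_VAES) != 0;
    f.vpclmulqdq = (leaf7_ecx & LEAF7_ECX_VPCLMUL) != 0;
    return f;
}
/* The advisory's hardware condition is "the CPU advertises VAES" (hypothetical helper name). */
bool in_scope(struct aes_features f) { return f.vaes; }

/* Read the running CPU; false when not on x86 or when CPUID leaf 7 is unavailable. */
bool query_live_cpu(struct aes_features *out)
{
#if HAVE_CPUID
    unsigned a, b, c, d;
    if (__get_cpuid_max(0, NULL) < 7) return false;
    __cpuid(1, a, b, c, d);              /* leaf 1: AES-NI flag lives in ECX */
    uint32_t leaf1_ecx = c;
    __cpuid_count(7, 0, a, b, c, d);     /* leaf 7 subleaf 0: VAES/VPCLMULQDQ in ECX */
    (void)a; (void)b; (void)d;
    *out = decode_aes_features(leaf1_ecx, c);
    return true;
#else
    (void)out; return false;
#endif
}

int main(void)
{
    struct aes_features f;
    if (!query_live_cpu(&f)) { puts("not an x86 CPU with CPUID leaf 7"); return 0; }
    printf("AES-NI=%d VAES=%d VPCLMULQDQ=%d: %s\n", f.aesni, f.vaes, f.vpclmulqdq,
           in_scope(f) ? "matches the advisory's VAES hardware condition" : "VAES not advertised");
    return 0;
}
```

A CPU that reports VAES only tells you the hardware condition is met; whether AES-XTS or AES-GCM is actually in use on the box (for example via BitLocker or TLS) still has to be checked separately.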
