Microsoft Corporation has released unscheduled security updates for vulnerabilities like Memory Mapped I/O Stale Data (MMIO) in Intel processors.
The vulnerability of the side channel Mapped I/O was originally revealed Intel on June 14, 2022. According to the company, these vulnerabilities could allow processes launched on a virtual machine, to access data from another virtual machine.
The vulnerability data are monitored under the following identifiers:
- CVE-2022-21123-Reading the data of a common buffer (SBDR);
- CVE-2022-21125-selection of data from a common buffer (SBDS);
- cve-2022-21127-updating the sample of the data of the buffer of a special register (SRBDS update);
- CVE-2022-21166-partial entry in the device register (DRPW).
“an attacker who has successfully used these vulnerabilities can access privileged data through The boundaries of trust . In Wednesdays with common resources (for example, in some configurations of cloud services), these vulnerabilities can allow one virtual machine to be unlawful to access information from another, ”explained Microsoft.
Microsoft has released a somewhat confused set of security updates for Windows 10, Windows 11 and Windows Server, which eliminate these vulnerabilities. From the support of support, it is unclear whether they are new Intel microcodes or eliminate the above gap in another way.
The updates data can be installed from the Windows renewal center exclusively in manual mode:
-Windows 11, version 22H2