The latter, CVE-2019-0725, is a particularly nasty memory corruption vulnerability, since all that is needed to exploit it is a well-crafted packet sent to a DHCP server and affects all now supported versions of Windows, client and server. The vulnerability allows remote code execution with no user involvement or any authentication required, making it a gift to scum looking to spread malware.
Microsoft detailed the potential impact of CVE-2019-0708 in a separate blog post on Tuesday.
Microsoft has claimed that it has, as yet, "observed no exploitation of this vulnerability, [but] it is highly likely that malicious actors will write an exploit for this vulnerability and incorporate it into their malware".
The vulnerability can be partially mitigated by enabling Network Level Authentication (NLA) for Remote Desktop Services Connections on vulnerable systems, an authentication method which "completes user authentication before you establish a remote desktop connection and the logon screen appears".
Security updates to Internet Explorer, Microsoft Scripting Engine, Microsoft Edge, Windows Storage and Filesystems, Microsoft Graphics Component, Windows App Platform and Frameworks, Windows Cryptography, Windows Datacenter Networking, Windows Server, Windows Virtualization, Windows Kernel, and the Microsoft JET Database Engine.
Texas Officer Shoots, Kills Woman Heard On Video Claiming She’s Pregnant
Lieutenant Steve Dorris of the Baytown Police Department told local media it was early days and an investigation was underway. Fatal police shootings have been a common occurrence in the USA , with every year since 2015 seeing almost 1,000 incidents.
Those running Windows 7, Windows Server 2008 R2, and Windows Server 2008, Pope explains, will receive the patch automatically through the Windows Update system as usual; Windows XP and Windows 2003 users, by contrast, need to download and install a manual update - or, Pope recommends, 'upgrade to the latest version of Windows'. It is a flaw in Intel processor hardware, meaning that it affects any operating systems running on x86 chips, including Windows.
The latter is only a partial mitigation.
ZombieLoad is known as a Microarchitectural Data Sampling (MDS) vulnerability, and it shares some characteristics with Spectre and Meltdown, the two side channel attacks announced in January 2018. These include CVE-2019-0725, a vulnerability in Windows Server's DHCP server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system.
In shared resource environments (such as exists in some cloud services configurations), these vulnerabilities could allow one virtual machine to improperly access information from another.