Security News

Intel has disclosed two high-severity vulnerabilities that affect a wide range of Intel processor families, allowing threat actors and malware to gain higher privilege levels on the device. The former concerns the insufficient control flow management in the BIOS firmware for some Intel processors, while the latter relies on the improper input validation on the same component.

Researchers uncovered a vulnerability in Intel Processors that could affect laptops, cars and embedded systems. The flaw enables testing or debugging modes on multiple Intel processor lines, which could allow an unauthorized user with physical access to obtain enhanced privileges on the system.

AMD alone dropped 50 new CVEs on Thursday, 23 of them rated of "High" concern, meaning they're rated at between 7.0 and 8.9 on the the-point Common Vulnerability Scoring System. Let's start with the 27 flaws in the AMD Graphics Driver for Windows 10 - 18 of them rated High - because at least they're in software and Microsoft and Adobe's patch issuance cadence means readers could be in the mood to fix code.

New Zealand's Government Communications Security Bureau - the nation's signals intelligence and infosec agency - will retire its Waihopai satellite communications interception station because it's no longer needed. "The nature of telecommunications has changed, and other needs and capabilities have overtaken the sort of satellite communication interception that has been done at Waihopai," said Andrew Little, the minister responsible for the GCSB. "The GCSB's own statement on the matter reads"Changes in global telecommunications and information technology mean the interception of satellite communications from Waihopai has declined over the years to the point where dish use is now virtually obsolete.

The vulnerability was discovered by a group of academics from ETH Zurich, the National University of Singapore, and the Chinese National University of Defense Technology in early May 2021, who used it to stage a confidential data disclosure attack called "SmashEx" that can corrupt private data housed in the enclave and break its integrity. Introduced with Intel's Skylake processors, SGX allows developers to run selected application modules in a completely isolated secure compartment of memory, called an enclave or a Trusted Execution Environment, which is designed to be protected from processes running at higher privilege levels like the operating system.

Right after officially releasing Windows 11, Microsoft has added three know issues to the Windows 11 12H2 release health dashboard. Microsoft has released Windows 11 worldwide yesterday and is now rolling it out via Windows Update to new Windows 10 devices and those pre-loaded with Windows 11.

The U.S. government has entered a Deferred Prosecution Agreement with three former intelligence operatives to resolve criminal charges relating to their offering of hacking services to a foreign government. "These services included the provision of support, direction and supervision in the creation of sophisticated"Zero-click" computer hacking and intelligence gathering systems - i.e., one that could compromise a device without any action by the target" - the U.S. Department of Justice.

Three former US intelligence and military operatives broke America's weapons export and computer security laws by, among other things, helping the United Arab Emirates hijack and siphon data from people's iPhones, it emerged on Tuesday. US citizens Marc Baier, 49, and Ryan Adams, 34, and ex-citizen Daniel Gericke, 40, were charged [PDF] with using "Illicit, fraudulent, and criminal means, including the use of advanced covert hacking systems that utilized computer exploits obtained from the United States and elsewhere, to gain unauthorized access to protected computers in the United States and elsewhere and to illicitly obtain information ... from victims from around the world."

Microsoft announced today that after investigating other potentially compatible processors for Windows 11, they only found one 7th generation Intel CPU to be compatible, and no first generation AMD Zen CPUs. With the new TPM 2.0 requirement and a restricted list of compatible CPUs, many people found that their devices with Intel 7th generation and first generation AMD Zen CPUs, which run Windows 10 flawlessly, can no longer upgrade to Windows 11.

Microsoft announced today that after investigating other potentially compatible processors for Windows 11, they only found one 7th generation Intel CPU to be compatible, and no AMD Zen CPUs. With the new TPM 2.0 requirement and a restricted list of compatible CPUs, many people found that their devices with Intel 7th generation and AMD Zen CPUs, which run Windows 10 flawlessly, cab no longer upgrade to Windows 11.