The SWAPGS Attack vulnerability circumvents the protective measures that have been put in place in response to earlier attacks such as Spectre and Meltdown. Still, there is good news: Microsoft has already released Windows patches.
Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory, including passwords, tokens, and encryption keys, that would otherwise be inaccessible.
Subscribe to Lansweepers Vulnerability feed to stay up to date on recent vulnerabilities.
The new attack takes advantage of SWAPGS, a system instruction that is used by the operating system to switch between two Model Specific Registers. The SWAPGS attack is, in effect, a variant of the Spectre V1 attack.
Microsoft Secretly Fixes Vulnerability in July Patch Tuesday Update
Users are advised to update Windows in order to mitigate against this new CPU “SWAPGS attack” risk. Microsoft silently issued patches for the new speculative execution vulnerability in its July 2019 Patch Tuesday security update. The Windows security update fixes the vulnerability through software changes that mitigate how a CPU speculatively accesses memory. Microsoft further stated that it is not required to install a microcode update to resolve this vulnerability.