August 12, 2019
Security Vulnerability Affecting Windows Computers
A new vulnerability is affecting Windows computers. According to reports, the SWAPGS attack if impacting computers running 64-bit INTEL and AMD processors.
The vulnerability can give an attacker access to passwords and personal information actively found in the operating system kernel memory. According to researchers, all Intel CPUs manufactured between 2012 and today are vulnerable to the attack.
AMD has issued a statement, “AMD is aware of new research claiming new speculative execution attacks that may allow access to privileged kernel data. Based on external and internal analysis, AMD believes it is not vulnerable to the SWAPGS variant attacks because AMD products are designed not to speculate on the new GS value following a speculative SWAPGS. For the attack that is not a SWAPGS variant, the mitigation is to implement our existing recommendations for Spectre variant 1.”
Microsoft has been working on this known vulnerability for quite some time now and issued a patch in a recent update in July.
The Importance of Proactive Patch Management
This is yet another reminder of how imperative it is to constantly install updates and patches as they are issued. Often, major vulnerabilities and attacks are avoidable if you are using the most up-to-date versions of the software.
Leveraging the power of a fully automated, policy-based platform, like Datto RMM, will position the MSP to systematically deploy patches for typical business applications as soon as they become available helping to close the window of exposure for known and zero-day vulnerabilities. Datto RMM will also generate easy-to-understand reports, bringing clear visibility to the sites and devices with the highest risk. Being able to have a conversation, backed by data, further establishes the MSP as a strategic partner who is proactively looking to prevent downtime and maintain the end-clients’ best interests. Check out our eBook RMM Made MSPeasy!