Microsoft last month pushed a silent update that patched a processor side channel data leak in all CPUs Intel has introduced since 2012, researchers who discovered the flaw said Tuesday. The vulnerability—discovered and privately reported to Intel 12 months ago—resided in every CPU Intel has introduced since at least its Ivy Bridge line of processors and possibly earlier, a researcher from security firm Bitdefender...
Earlier this year two major vulnerabilities were discovered which affected the core processes of the computer. Named as Spectre and Meltdown, these “speculative execution” vulnerabilities meant hackers could steal data by simply visiting a website. Though there were no known incidents of these vulnerabilities being exploited in the wild, the processor microcode patches could have up to a 30% impact on the performance of...
Symantec has warned customers that security flaws in the firm’s systems outed by Google’s Project Zero last month won’t be fixed until mid-July. Patches were rushed out to cover some of the “as bad as it gets” flaws identified by Project Zero, but patches to secure the fundamental architectural flaws are still some weeks away. The cloud-based versions of Symantec’s Endpoint Protection Small Business...
Decrease in Critical Issues and Bulletins As far as individual issues, Critical-class CVEs accounted for less than a third of the issues we addressed in bulletin releases for the first time since we began our monthly bulletin-release cadence in 2004. And in absolute numbers, Critical-class CVEs are at their lowest levels since 2005. The fact that we’re seeing lower percentages of Critical issues and...
Recent Forum Activity