
Microsoft Advises Users to Install Intel Platform Update (IPU) 23.3 to Mitigate Downfall Vulnerability

Microsoft has released mitigations for the Downfall vulnerability, a transient execution attack that impacts Intel CPUs.


Microsoft is warning of a new security concern named “Downfall” that has emerged. Identified as CVE-2022-40982, this flaw is a transient execution attack impacting Intel CPUs. Microsoft has recognized the issue and offered mitigation techniques for users of , , and Windows Server.

Details on the Vulnerability

Microsoft has identified a transient execution attack termed gather data sampling (GDS) or “Downfall.” This vulnerability could potentially be exploited to deduce data from affected CPUs across various security boundaries, including user-kernel, processes, virtual machines (VMs), and trusted execution environments. For further insights into this vulnerability, one can refer to the INTEL-SA-00828 security advisory and CVE-2022-40982.

Steps for Mitigation

Microsoft has emphasized the importance of addressing this vulnerability promptly. The company has provided a mitigation method that is enabled by default, with an option for users to disable it if they choose. To counteract the vulnerability associated with CVE-2022-40982, users are advised to install the Intel Platform Update (IPU) 23.3 microcode update. This update can typically be acquired from the original equipment manufacturer (OEM). Notably, Intel's latest products, including Alder Lake, Raptor Lake, and Sapphire Rapids, have in-built defense measures and remain unaffected by this vulnerability.

Option to Disable the Mitigation

For those who do not perceive GDS as a threat, Microsoft has provided an option to turn off the mitigation in specific environments. However, it's crucial to note that disabling the mitigation when Hyper-V (Virtualization) is activated is not covered in the current implementation. To deactivate the GDS mitigation in Windows, certain prerequisites must be met, including having specific Windows updates installed. Once these conditions are satisfied, users can adjust a feature flag in the registry to disable the mitigation.

As continue to evolve, it's imperative for companies and users alike to stay informed and take necessary precautions. Microsoft's proactive approach in addressing the “Downfall” vulnerability showcases the importance of timely mitigation and offers users the flexibility to choose their security measures.

Flax Typhoon Vulnerability

Microsoft has also this week warned users about the Flax Typhoon hacking group that has ties to China. Espionage seems to be the main goal of the group. They have mainly targeted organizations in Taiwan, but they could easily use their techniques for other regions as well. Microsoft connects this campaign to Flax Typhoon, which shares some similarities with another known actor, ETHEREAL PANDA.

Flax Typhoon's approach is unique in that it gains and maintains access to Taiwanese organizations' networks with minimal use of malware. Instead, it relies on tools built into the operating system and some typically benign software to discreetly remain within these networks. 

Source: Microsoft
Luke Jones