Microsoft issued a range of security patches today, including its anticipated exploit-mitigation update for the so-called Lazy FP State Restore vulnerability in Intel microprocessors.
Intel late last month disclosed Lazy FP State Restore (CVE-2018-3665), the latest speculative execution side-channel vulnerability to be discovered since the first two, Meltdown and Spectre. This class of microprocessor flaws lets an attacker steal data, including cryptographic secrets. Microsoft’s new mitigations for Lazy FP provide protections from the attack for Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and x64-based Windows 8.1 and 10.
Read more about the vulnerabilities fixed by Microsoft on Patch Tuesday on DarkReading.