ADV180013 — Microsoft Guidance for Rogue System Register Read
Executive Summary
On January 3, 2018, Microsoft released an advisory and security updates related to a newly discovered class of hardware vulnerabilities (known as Spectre and Meltdown) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. On May 21, 2018, Intel announced the Rogue System Registry Read vulnerability and assigned CVE-2018-3640. An attacker who has successfully exploited this vulnerability could then bypass Kernel Address Space Layout Randomization (KASLR) protections. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The mitigation for this vulnerability is exclusively through a microcode/firmware update, and there is no additional Microsoft Windows operating system update. To protect your system from this vulnerability, Microsoft recommends that you take the following actions: See the following links for further information related to CVE-2018-3640: 1. When will the firmware updates be available? If you have a non-Microsoft device, we suggest contacting your OEM for ths information. For Microsoft devices, we will amend this advisory when microcode/firmware updates become available. Additionally, we will notify customers via security notification service email. To sign up for this notification email see Microsoft Technical Security Notifications . 2. Will there be updates for Windows operating systems? There is no software mitigation needed. The mitigation for this issue is exclusively a processor microcode/firmware update. Affected users should contact their hardware vendor for these updates. 3. Where can I find information regarding the Speculative Store Bypass (SSB) vulnerability CVE-2018-3639? For information about CVE-2018-3639, see ADV180012 | Microsoft Guidance for Speculative Store Bypass . 4. Where can I finder further information on Microsoft guidance for Spectre and Meltdown vulnerabilities? See ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities .
Overview
EPSS Score
No EPSS score available for this CVE.
View on FIRST.orgAffected Products
| Product | KB Article | Severity | Impact | Restart Required |
|---|---|---|---|---|
| Microsoft Surface Book | 4073065 (Update history) |
Important | Security Feature Bypass | Yes |
| Microsoft Surface Book 2 | 4073065 (Update history) |
Important | Security Feature Bypass | Yes |
| Microsoft Surface Laptop | 4073065 (Update history) |
Important | Security Feature Bypass | Yes |
| Microsoft Surface Pro 3 | 4073065 (Update history) |
Important | Security Feature Bypass | Yes |
| Microsoft Surface Pro 4 | 4073065 (Update history) |
Important | Security Feature Bypass | Yes |
| Microsoft Surface Studio | 4073065 (Update history) |
Important | Security Feature Bypass | Yes |
| Surface Pro Model 1796 | 4073065 (Update history) |
Important | Security Feature Bypass | Yes |
| Surface Pro with Advanced LTE Model 1807 | 4073065 (Update history) |
Important | Security Feature Bypass | Yes |
Patches
| Article | Type | Restart |
|---|---|---|
4073065 |
Update history | Yes |
Known Exploits
Acknowledgments
None