A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the speculative executable code paths.
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Critical bugs galore among 61 Microsoft fixes, 56 from Adobe, a dozen from SAP, and a fistful from Fortinet
Patch Tuesday Microsoft's monthly patch drop has arrived, delivering a mere 61 CVE-tagged vulnerabilities – none listed as under active attack or already known to the public. We'll hold our judgement until tomorrow to see if Exploit Wednesday lives up to its name. But in the meantime, here's a look at Redmond's security bugs. Two of the latest patches are listed as critical and both affect Windows Hyper-V hypervisor. Oddly, the two critical bugs didn't receive the highest CVSS ratings – but ...
Vulmon