Microsoft, Apple & Others Rush OS Patches Following Debugging Debacle

Microsoft, Apple, along with several open source operating systems providers, plus a few hypervisor vendors, rushed patches out this week following a x86 chip debugging mistake.

Microsoft, Apple and other providers of open source operating systems had to rush out emergency patches this week after several vendors goofed on instructions for an Intel debugging feature, which, in turn, left all these OSs open to an attack.
Additionally, the mistake also affected several hypervisor providers as well.
Nick Peterson, a researcher with Everdox Tech, is being credited with noticing the flaw and alerting Intel and Microsoft initially, according to a May alert issued by
CERT
.
If left unpatched, the flaw could allow an attacker to read sensitive data in memory or control low-level operating system functions, according to Tuesdays alert. Its not clear if a malicious attacker attempted to exploit the vulnerability, but it was severe enough that nearly all operating system vendors issues patches on the same day.
(Source:
Recklessstudios via Pixabay
)
This not only included Microsoft Windows and Apples macOS but a host of open source software as well from DragonFly BSD Project, FreeBSD Project, Linux Kernel, Red Hat, SUSE, Synology and Ubuntu.
That list also included Xen and VMware for their respective hypervisors.
At the heart of this issue is how these various software vendors responded to a debugging update that Intel was making to its x86-64 chip architecture. Specifically, it dealt with two parts of the x86-64 instruction set:
MOV SS
and
POP SS
. These instruction sets are also found in AMD processors as well.
Changes within MOV SS or POP SS can cause different behaviors within an operating system. As the CERT alert notes:

In certain circumstances after the use of certain Intel x86-64 architecture instructions, a debug exception pointing to data in a lower ring (for most operating systems, the kernel Ring 0 level) is made available to operating system components running in Ring 3. This may allow an attacker to utilize operating system APIs to gain access to sensitive memory information or control low-level operating system functions.

In addition to the alert,
Peterson wrote an entire research note
on this particular vulnerability.
The fundamentals of network security are being redefined -- dont get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth-annual
Big Communications Event
. Theres still time to register and communications service providers get in free!
Since all the operating systems are different, each company has sent out different alerts. Microsoft, for example, notes about the vulnerability in the Windows kernel and how it fails to handle objects in memory.
An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights, according to
Microsofts security alert
.
One noteworthy issue of this vulnerability is that it can be exploited by a remote attacker. An attack would need to start on a PC or server that is already compromised.
In his report, Peterson noted that this could have been caused by incomplete instructions when it came to the debugging issue.
Related posts:
Microsofts 4-Step Plan for Eliminating Passwords
Microsofts TCPS Project Looks to Secure IIoT & ICS
Microsoft: Tech Support Scams on the Rise
Microsoft Security Is Channeling the Terminator
— Scott Ferguson is the managing editor of Light Reading and the editor of
Security Now
. Follow him on Twitter
@sferguson_LR
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Microsoft, Apple & Others Rush OS Patches Following Debugging Debacle