Hackers can exploit security vulnerabilities to attack networks, the Information Security Department warns.
On the morning of May 16, Mr. Tran Dang Khoa, representative of the Department of Information Security - Ministry of Information and Communications , said that the Department has issued a warning about serious information security vulnerabilities and weaknesses in Intel's microprocessors that could seriously affect computers, network systems... in Vietnam.
According to the Department of Information Security, on May 14, information security experts from the Graz University of Technology in Austria and the Catholic University of Leuven in Belgium announced a group of four information security vulnerabilities in Intel processors. The four information security vulnerabilities have international error codes: CVE-2018-12126; CVE-2018-12130; CVE-2018-12127; CVE-2019-11091.
These information security weaknesses are assessed by experts as serious and affect many devices using Intel processors including: desktop computers, laptops, servers, mobile phones using Linux, Windows, MacOS, Android operating systems...
The forms of attack that take advantage of the above 4 information security weaknesses have been announced by experts and are still being further researched and evaluated, including: ZombieLoad attack using weakness CVE-2018-12130; RIDL attack using weaknesses CVE-2018-12127 and CVE-2019-11091; Fallout attack using weakness CVE - 2018-12126.
Intel has now released a list of affected products and update plans, and is working with operating system, firmware, and device manufacturers to support patch updates.
In order to ensure information security and prevent hackers from taking advantage of information security weaknesses to carry out dangerous cyber attacks, the Department of Information Security recommends that administrators at state agencies, units, organizations, enterprises and users immediately take the following measures to ensure information security:
- Check, review, and identify computers affected by the above vulnerabilities. Update patches or upgrade operating systems to temporarily patch the vulnerabilities.
- For operating systems that do not have patch information, it is necessary to monitor regularly to upgrade as soon as a solution is available.
- For product lines that Intel does not plan to update, a replacement plan should be made in the near future.
- Regularly monitor warning channels of authorities and large organizations on information security to promptly respond to cyber attack risks.
In case of necessity, you can contact the National Cyber Security Monitoring Center under the Department of Information Security, phone number: 024.3209.1616, email [email protected] or NCSC Fanpage at https://www.facebook.com/govSOC/ for timely support.
The Department of Information Security also said that it is continuing to monitor and research to provide detailed instructions. This information will be updated by the Department of Information Security on the information sharing system (https://ti.khonggianmang.vn).
Source: https://nld.com.vn/cong-nghe/canh-bao-khan-lo-hong-bao-mat-trong-bo-vi-xu-ly-intel-20190516122139525.htm
Comment (0)