The Downfall vulnerability: who is at risk and how to avoid becoming a victim?

Owners of the Skylake, Tiger Lake, and Ice Lake processor families — this information is for you.

Microsoft published recommendations for managing the risks associated with the recently disclosed vulnerability CVE-2022-40982, commonly known by the code name "Downfall".

The security flaw affects many devices running Windows, which is why the list of recommendations from Microsoft came in handy. But is it as useful as ordinary users want it to be?

The Downfall vulnerability became known earlier this month. It affects several Intel processor families at once, including Skylake, Tiger Lake, and Ice Lake (all subfamilies too), as well as all current versions of Windows OS, including Windows 10, Windows 11, Windows Server 2019, and 2022.

To mitigate possible consequences, administrators and ordinary users need to install the Intel Platform Update 23.3 microcode update. However, it is not installed through Windows itself, which is the main problem.

The update is delivered exclusively by the motherboard manufacturer with a new version of the BIOS, so Microsoft recommends that you visit the official website of the hardware manufacturer to get the necessary update. A complete list of companies, along with links to the relevant sites where you can download the software, is available on the Intel website.

Of course, not all motherboard manufacturers have released the corresponding updates yet, and there is no guarantee that this will happen in the near future. Still, it is worth bookmarking the BIOS download page for your motherboard and checking it for updates periodically.

It should be noted separately that the vulnerability does not affect the latest Intel products, including the Alder Lake, Raptor Lake and Sapphire Rapids families, so owners of these processors need not worry.

Also, due to its specific nature, a Downfall attack may not pose a serious threat even to some vulnerable devices in certain usage scenarios, so you should make a balanced decision about installing the fix, especially considering that some users may notice a decrease in system performance after installing it.

Specifically for this case, Microsoft has provided a way to disable the fix in software through the Windows registry. This is done as follows:
  1. Run the command prompt as an administrator
  2. Enter the following command: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 33554432 /f
  3. Restart your computer


The Downfall fix is now disabled, and the system is no longer protected from attacks that exploit this vulnerability. You can restore protection at any time by simply deleting the "FeatureSettingsOverride" DWORD parameter in the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management.
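
For administrators who need to find machines where the fix has been switched off this way, the following PowerShell sketch is an added example, not code from Microsoft or from the article. It checks whether the bit written by the command above (33554432 = 0x2000000) is set in FeatureSettingsOverride and can clear only that bit, since the same registry value is a bit field that Windows also uses for other speculative-execution mitigation settings. The function names and the -Value parameter are hypothetical.

```powershell
# Added example (not from the article). Function names are hypothetical.
$MmKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'
$GdsBit = 0x2000000   # 33554432, the value written by the article's reg add command

function Get-DownfallOverrideState {
    # -Value evaluates a number offline instead of reading the registry.
    param([Nullable[int]]$Value)
    if ($null -eq $Value) {
        $p = Get-ItemProperty -Path $MmKey -Name FeatureSettingsOverride -ErrorAction SilentlyContinue
        if ($p) { $Value = $p.FeatureSettingsOverride }
    }
    $present = $null -ne $Value
    $raw     = if ($present) { [int]$Value } else { 0 }
    [pscustomobject]@{
        ValuePresent       = $present
        RawValue           = $raw
        MitigationDisabled = ($raw -band $GdsBit) -ne 0
        OtherBits          = '0x{0:X}' -f ($raw -band (-bnot $GdsBit))
    }
}

function Restore-DownfallMitigation {
    # Needs an elevated session; restart afterwards, as in step 3 above.
    $s = Get-DownfallOverrideState
    if (-not $s.MitigationDisabled) { return $s }
    $new = $s.RawValue -band (-bnot $GdsBit)
    if ($new -eq 0) {
        # Only the Downfall bit was set: same as the deletion the article describes.
        Remove-ItemProperty -Path $MmKey -Name FeatureSettingsOverride
    } else {
        # Other override bits exist: clear just the Downfall bit and keep them.
        Set-ItemProperty -Path $MmKey -Name FeatureSettingsOverride -Value $new -Type DWord
    }
    Get-DownfallOverrideState
}

# Constructed sample values, evaluated without touching the registry:
Get-DownfallOverrideState -Value 33554432
Get-DownfallOverrideState -Value 33554504
Get-DownfallOverrideState -Value 72
```

Calling Get-DownfallOverrideState with no argument reads the live registry value and does not require elevation.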
 
Top