Microsoft has released out-of-band security updates for ‘Memory Mapped I/O Stale Data’ information disclosure vulnerabilities in Intel CPUs.
The Mapped I/O side-channel vulnerabilities were initially disclosed by Intel on June 14th, 2022, warning that the flaws could allow processes running in a virtual machine to access data from another virtual machine.
“An attacker who successfully exploited these vulnerabilities might be able to read privileged data across trust boundaries,” explained Microsoft.
According to Microsoft’s advisory, no security updates were released except mitigations applied for Windows Server 2019 and Windows Server 2022.
Microsoft has released a somewhat confusing set of security updates for Windows 10, Windows 11, and Windows Server that address these vulnerabilities.
These are likely being released as optional, manual updates as the mitigations for these vulnerabilities can cause performance issues, and the flaws may not be fully resolved without disabling Intel Hyper-Threading Technology in some scenarios.