Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Medium
CVE-2019-11135 – TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
The flaw affecting the Processor Diagnostic Tool is tracked as ZombieLoad Variant 2, tracked as CVE-2019-11135, is related to Intel’s Transactional Synchronization Extensions (TSX), which is designed to improve performance for multi-threaded software. ZombieLoad Variant 2, which Intel has described as a Transactional Asynchronous Abort (TAA) vulnerability, affects all CPUs that support TSX and have the TAA_NO bit set to 0. ZombieLoad Variant 2 also works against Intel Xeon Gold server processors with Cascade Lake microarchitecture and Core i9 processors with Coffee Lake microarchitecture. An attacker who has access to a system running the tool can exploit the vulnerability to escalate privileges, obtain information, or cause a denial-of-service (DoS) condition.
Intel