FAQ
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment.
FAQ
Why does this CVE indicate that the vulnerability has been publicly disclosed? This underlying vulnerability is due to an issue in the microarchitecture of certain ARM-based cores. Microsoft issued this CVE to document the Windows updates that address this underlying problem. This update mitigates against this vulnerability. For more information on this public disclosure, please see: Prefetcher Side Channels: Armv8 Security Bulletin.
FAQ-Information Disclosure-iSNS
What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could view heap memory from a privileged process running on the server.
FAQ
According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? An exploited vulnerability can affect resources beyond the security scope managed by the security authority of the vulnerable component. In this case, the vulnerable component and the impacted component are different and managed by different security authorities.