Jump to content
CCleaner Community Forums


Experienced Members
  • Content Count

  • Joined

  • Last visited

Posts posted by trium

  1. ff v60.9.0 esr


    03. sept 2019








    Security vulnerabilities fixed in Firefox ESR 60.9

    September 3, 2019
    Firefox ESR
    Fixed in
    • Firefox ESR 60.9

    #CVE-2019-11746: Use-after-free while manipulating video


    A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash.


    #CVE-2019-11744: XSS by breaking out of title and textarea elements using innerHTML

    Rakesh Mane

    Some HTML elements, such as <title> and <textarea>, can contain literal angle brackets without treating them as markup. It is possible to pass a literal closing tag to .innerHTML on these elements, and subsequent content after that will be parsed as if it were outside the tag. This can lead to XSS if a site does not filter user input as strictly for these elements as it does for other elements.


    #CVE-2019-11742: Same-origin policy violation with SVG filters and canvas to steal cross-origin images

    Paul Stone

    A same-origin policy violation occurs allowing the theft of cross-origin images through a combination of SVG filters and a <canvas> element due to an error in how same-origin policy is applied to cached image content. The resulting same-origin policy violation could allow for data theft.


    #CVE-2019-11753: Privilege escalation with Mozilla Maintenance Service in custom Firefox installation location

    Holger Fuhrmannek

    The Firefox installer allows Firefox to be installed to a custom user writable location, leaving it unprotected from manipulation by unprivileged users or malware. If the Mozilla Maintenance Service is manipulated to update this unprotected location and the updated maintenance service in the unprotected location has been altered, the altered maintenance service can run with elevated privileges during the update process due to a lack of integrity checks. This allows for privilege escalation if the executable has been replaced locally.
    Note: This attack requires local system access and only affects Windows. Other operating systems are not affected.


    #CVE-2019-11752: Use-after-free while extracting a key value in IndexedDB

    Zhanjia Song

    It is possible to delete an IndexedDB key value and subsequently try to extract it during conversion. This results in a use-after-free and a potentially exploitable crash.


    #CVE-2019-9812: Sandbox escape through Firefox Sync

    Niklas Baumstark via TrendMicro's Zero Day Initiative

    Given a compromised sandboxed content process due to a separate vulnerability, it is possible to escape that sandbox by loading accounts.firefox.com in that process and forcing a log-in to a malicious Firefox Sync account. Preference settings that disable the sandbox are then synchronized to the local machine and the compromised browser would restart without the sandbox if a crash is triggered.


    #CVE-2019-11743: Cross-origin access to unload event attributes

    Yoav Weiss

    Navigation events were not fully adhering to the W3C's "Navigation-Timing Level 2" draft specification in some instances for the unload event, which restricts access to detailed timing attributes to only be same-origin. This resulted in potential cross-origin information exposure of history through timing side-channel attacks.


    #CVE-2019-11740: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9

    Mozilla developers and community

    Mozilla developers and community members Tyson Smith and Nathan Froyd reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.




  2. ff v69.0


    03. sept 2019



    As of today, Enhanced Tracking Protection will be turned on by default, strengthening the security and privacy for all of our users around the world.



    • Enhanced Tracking Protection (ETP) rolls out stronger privacy protections:

      • The default standard setting for this feature now blocks third-party tracking cookies and cryptominers.
      • The optional strict setting blocks fingerprinters as well as the items blocked in the standard setting.
    • The Block Autoplay feature is enhanced to give users the option to block any video that automatically starts playing, not just those that automatically play with sound.

    • For our users in the US or using the en-US browser, we are shipping a new “New Tab” page experience that connects you to the best of Pocket’s content.

    • Support for the Web Authentication HmacSecret extension via Windows Hello now comes with this release, for versions of Windows 10 May 2019 or newer, enabling more passwordless experiences on the web.

    • Support for receiving multiple video codecs with this release makes it easier for WebRTC conferencing services to mix video from different clients.

    • For our users on Windows 10, you’ll see performance and UI improvements:

      • Firefox will give Windows hints to appropriately set content process priority levels, meaning more processor time spent on the tasks you're actively working on, and less processor time spent on things in the background (with the exception of video and audio playback).
      • For our existing Windows 10 users, you can easily find and launch Firefox from a shortcut on the Win10 taskbar.
    • For our users on macOS, battery life and download UI are both improved:

      • macOS users on dual-graphics-card machines (like MacBook Pro) will switch back to the low-power GPU more aggressively, saving battery life.
      • Finder on macOS now displays download progress for files being downloaded.
    • JIT support comes to ARM64 for improved performance of our JavaScript Optimizing JIT compiler.



    • As previously announced in the Plugin Roadmap for Firefox, the "Always Activate" option for Flash plugin content has been removed. Firefox will now always ask for user permission before activating Flash content on a website.

    • With the deprecation of Adobe Flash Player, there is no longer a need to identify users on 32-bit version of the Firefox browser on 64-bit version operating systems reducing user agent fingerprinting factors providing greater level of privacy to our users as well as improving the experience of downloading other apps.

    • Firefox no longer loads userChrome.css or userContent.css by default improving start-up performance. Users who wish to customize Firefox by using these files can set the toolkit.legacyUserProfileCustomizations.stylesheets preference to true to restore this ability.


    • For Enterprise system administrators that manage macOS computers, we begin shipping a Mozilla signed PKG installer to simplify your deployments.

  3. ublock v1.22.0


    gorhill released this

    Aug 30, 2019



    Toolbar icon badge color

    The toolbar icon badge color will now reflect the current blocking mode. This should help with usage of the "Relax blocking mode" shortcut. The way uBO relaxes the current blocking mode is configurable through the advanced setting blockingProfiles.

    Static network filter options


    This new option allows to create a pure redirect directive, without a corresponding block filter as would be the case with the redirect= option. For example, consider the following filter:


    The above filter will result in a block filter ||example.com/ads.js$script and a matching redirect directive. Now consider this following filter:


    The above filter will not cause a block filter to be created, only a redirect directive will be created. Standalone redirect directives are useful when the blocking of a resource is optional but we still want the resource to be redirected should it ever be blocked by whatever mean -- whether through a separate block filter, a dynamic filtering rule, etc.

    empty and mp4

    Support for AdGuard's empty and mp4 filter option has been added.

    !#if false ... !#endif

    Support for the directive !#if false to easily disable a block of filters, which is more convenient than having to delete them all or prefix them all with !.

    Scriptlet injection

    Ability to wholly disable scriptlet injection for a given site using broad scriptlet injection exception:


    It is also possible to disable scriptlet injection everywhere with a generic exception:


    This is useful when creating specific exception filters is inconvenient.

    Closed as fixed:

    Commits with no entry in issue tracker:

  4. hello hussam,


    if you want this so - yes


    ccleaner -> options -> include

    --> add -> "drive or folder" -> c:\windows\logs\cbs

    --> "file types" -> choose "all files" or "file types" -> if "file types" = "*.cab"

    --> options -> "include files only" -because i have no sub-folder found in the c:\windows\logs\cbs





    in cleaner -> windows -> advanced -> tick "custom files and folders"



  5. 6 hours ago, John9210 said:

    I just downloaded the latest version of CCleaner free. All my short icons have changed to image.png.ac4d778905f095a443d3c59762957191.png. How can I get the old Windows 10 default icon image for shortcuts?

    it seems to be a shortcut with html or other browserbendings "to open with the standard-browser"

    normally takes windows-shortcut automatically the icon image from the target that open it (perhaps word, excel, firefox, txt or so) -> if it is an html or pdf-file association for the "default-browser" to open it -> in this case ccleaner-browser than takes this icon -> you can change this with choose another default-browser (i think in w10 there is internet-explorer or edge-browser...or what you will) and pdf and other file association in context with browser-openings

    if you make an office-shortcut for example with an *.docx -> is there also the ccleaner-browser-icon?

  6. i take a look in c:\windows\installer...


    i found also a lot of temorary empty folders with no function for w8.1 -> i think this behavior of windows is the same in w10 too and diskcleanup dont work correctly how it seems


    "msif761.tmp-" (122 of this kind of empty folders from year 2016) -> i can delete it safely but manually


    i mean it would be nice if ccleaner can take it to nirvana

  7. 1 hour ago, trium said:

    Currently, IT security experts are finding new ways of attacking every two or three months - but the chip industry is unwilling to give up the mechanism of "speculative execution" because it brings such huge performance improvements, Botezatu said. He criticized Intel's decision to rely solely on Microsoft to plug the gap - because the security update, for example, give it not for the older operating systems Windows XP and Vista. dpa


    2 hours ago, trium said:

    Basically, SwapGS Attack is similar to known side channel attacks like Specter V1. According to Bitdefender's paper, SwapGS Attack only works on Intel x86_64 architectures, not AMD. For all processors off the x86 world, the researchers give all-clear - in ARM, MIPS, Power, Sparc or RISC-V, they expect that SwapGS Attack have no success.



    Intel in turn does not intend to proceed by means of a CPU microcode update against SwapGS Attack, but sees currently held software as sufficient.



    perhaps this is the reason why AMD can sell its server processors to Google and Twitter! ;-)





    09.08.2019, 19:28 Uhr

    Mit zwei neuen Großkunden gelingt AMD ein Erfolg gegen Intel. Außerdem stellt der Chiphersteller seine neueste Prozessoren-Generation vor.


    AMD hat die zweite Generation seiner Prozessorchips für Rechenzentren herausgebracht und gleichzeitig mitgeteilt, dass Google und Twitter als Kunden gewonnen werden konnten, wie Reuters berichtet. Weiter heißt es, dass Google die Serverchips der zweiten Generation in seinen internen Rechenzentren einsetzen und im Laufe des Jahres im Rahmen seiner Cloud-Computing-Angebote auch externen Entwicklern anbieten wird.

    Die neue Generation der Serverchips, die EPYC genannt wird, verwendet in der Herstellung eine neue Technologie, dank der die Chips eine höhere Leistung erzielen und gleichzeitig weniger Strom verbrauchen. Im Gegensatz zu Intel vertraut AMD nicht auf eigene Fabriken, sondern lässt die Chips von Vertragspartnern herstellen.

    Intel bleibt unangefochten Marktführer

    Die größte Konkurrenz für AMD geht nach wie vor von Intel aus. Beide Unternehmen konkurrieren um die Lieferung von Chips für Rechenzentren, die internetbasierte Dienste bereitstellen. Spezialisiert haben sich die beiden Unternehmen aktuell auf Rechenzentrumschips, da ein Großteil der Benutzer auf mobile Geräte umgestiegen ist und der Markt für PC-Chips immer kleiner wird.

    Marktführer bleibt weiterhin Intel mit knapp 90 Prozent Marktanteil. Experte Patrick Moorhead schätzt gegenüber Reuters, dass AMD Intel mit der ersten Generation der EPYC-Serverchips einen niedrigen einstelligen Marktanteil abgenommen hat, der mit der neuen Generation noch einmal wachsen könnte. Moorhead sieht AMD auf einem guten Weg, geht aber auch davon aus, dass Intel gerade im Bereich des maschinellen Lernens noch deutliche Vorteile hat.



    english (google translation):



    With two new major customers AMD succeeds a success against Intel. In addition, the chip manufacturer introduces its latest generation of processors.

    AMD has released the second generation of its data center processor chips, while announcing that Google and Twitter have been acquired as customers, Reuters reports. It also states that Google will use the second-generation server chips in its internal data centers, and will also offer them to external developers over the year as part of its cloud computing offerings.

    The new generation of server chips, called EPYC, uses a new technology in its production, which allows the chips to perform better while consuming less power. Unlike Intel, AMD does not rely on its own factories, but lets the chips of contractors make.

    Intel remains the undisputed market leader

    The biggest competition for AMD is still from Intel. Both companies are competing to deliver data center chips that provide Internet-based services. The two companies are currently specialized in data center chips, as a large proportion of users have switched to mobile devices and the market for PC chips is becoming smaller and smaller.

    The market leader remains Intel with almost 90 percent market share. According to Reuters, expert Patrick Moorhead estimates that AMD's Intel first-generation EPYC server chips have lost a low single-digit market share, which could grow even further with the new generation. Moorhead sees AMD on the right path, but also assumes that Intel has significant advantages, especially in the field of machine learning.



  8. additionally in the same context this article:








    09.08.2019, 19:28 Uhr

    Es ist schon eineinhalb Jahre her, dass eine gravierende Sicherheitslücke im Design moderner Prozessoren vor allem von Intel die Computerindustrie erschütterte. Aber auch jetzt werden noch neue Angriffswege bekannt.


    Die Probleme mit Sicherheitslücken in Prozessoren von Intel sind noch lange nicht vorbei: Die IT-Sicherheitsfirma Bitdefender machte eine weiteren Angriffsweg öffentlich, der inzwischen mit Updates unter anderem von Microsoft geschlossen werden kann. Die von Bitdefender entdeckte Methode umgehe alle bisherigen Schutzmechanismen, die im Frühjahr 2018 nach Bekanntwerden der Schwächen im Chipdesign eingesetzt wurden, sagte Bitdefender-Forscher Bogdan Botezatu der dpa. Es sei zu befürchten, dass in Zukunft noch weitere ähnliche Sicherheitsprobleme auftauchen, warnte er zur Branchenkonferenz Black Hat.

    Von der neuen Schwachstelle waren alle Rechner mit neueren Intel-Prozessoren betroffen, auf denen das Windows-Betriebssystem läuft. Der Kern des Problems ist derselbe wie bei den Anfang 2018 bekanntgewordenen Angriffsszenarien Spectre und Meltdown, nämlich ein Mechanismus im Prozessor, der versucht, die nächsten Befehle vorherzusagen. Ziel der bereits seit mehreren Jahren eingesetzten „Speculative Execution“-Technologie war, den Prozessor schneller zu machen. Die Methode hinterlässt jedoch Daten im internen Speicher der Chips, die Attacken ermöglichen.

    Angriffe funktionierten weiterhin

    Die Gefahr war mit Software-Updates im Frühjahr 2018 weitgehend eingedämmt worden. Der von Bitdefender entdeckte neue Angriffsweg funktionierte jedoch weiterhin im Zusammenspiel mit einem bestimmten Befehl des Windows-Systems. Angreifer, die die Schwachstelle kennen, könnten damit „die wichtigsten und am besten geschützten Daten von Unternehmen und Privatanwendern stehlen“, warnt Bitdefender.

    Da die Attacke komplex und aufwendig sei, dürften als Angreifer eher hoch professionalisiert agierende Geheimdienst-Hacker als gewöhnliche Cyberkriminelle in Frage kommen, schränkte Botezatu ein. Zugleich sei aber besonders gefährlich, dass die betroffenen Prozessoren auch in Servern von Rechenzentren stecken könnten, wo Zugriff auf Daten vieler verschiedener Dienste möglich wäre. Die Attacke hinterlasse keine Spuren im Prozessor, betonte der Sicherheitsforscher. Bitdefender habe mit den betroffenen Anbietern rund ein Jahr daran gearbeitet, die Lücke zu schließen.

    Aktuell fänden IT-Sicherheitsexperten alle zwei, drei Monate neue Angriffswege – die Chipindustrie sei aber nicht bereit, den Mechanismus der „Speculative Execution“ aufzugeben, weil er so große Leistungsverbesserungen bringe, sagte Botezatu. Er kritisierte die Entscheidung von Intel, sich beim Stopfen der Lücke allein auf Microsoft zu verlassen – denn das Sicherheitsupdate gebe es zum Beispiel nicht für die älteren Betriebssysteme Windows XP und Vista. dpa



    english (google translation):



    It's been a year and a half since a serious security hole in the design of modern processors, especially from Intel, shook the computer industry. But even now new attack paths are known.

    The problems with security gaps in processors of Intel are far from over: The IT security firm Bitdefender made another attack path public, which can be closed now with updates among other things by Microsoft. The method discovered by Bitdefender circumvent all previous protection mechanisms, which were used in the spring of 2018 after becoming aware of the weaknesses in chip design, said Bitdefender researcher Bogdan Botezatu dpa. It is to be feared that other similar security problems will emerge in the future, he warned at the industry conference Black Hat.

    The new vulnerability affected all computers with newer Intel processors running the Windows operating system. The crux of the problem is the same as the Specter and Meltdown attack scenarios that became known in early 2018, namely a mechanism in the processor that tries to predict the next commands. The aim of the "Speculative Execution" technology used for several years was to make the processor faster. However, the method leaves data in the internal memory of the chips, which allow attacks.

    Attacks continued to work

    The threat was largely contained with software updates in the spring of 2018. However, the new attack path discovered by Bitdefender still worked in conjunction with a specific command from the Windows system. Attackers aware of the vulnerability could use it to steal "the most important and best-protected data from businesses and home users," warns Bitdefender.

    Since the attack was complex and time-consuming, attackers might be more likely to be highly professionalized intelligence hackers than ordinary cybercriminals, Botezatu said. At the same time, however, it is particularly dangerous that the affected processors could also be located in data center servers, where access to data from many different services would be possible. The attack leaves no traces in the processor, stressed the security researcher. Bitdefender worked with the affected providers for about a year to close the gap.

    Currently, IT security experts are finding new ways of attacking every two or three months - but the chip industry is unwilling to give up the mechanism of "speculative execution" because it brings such huge performance improvements, Botezatu said. He criticized Intel's decision to rely solely on Microsoft to plug the gap - because the security update, for example, give it not for the older operating systems Windows XP and Vista. dpa



  9. https://t3n.de/news/ice-lake-prozessoren-intel-nennt-spezifikationen-1184163/





    Intel hat seine Ice-Lake-Prozessoren der U- und Y-Serie offiziell angekündigt. Die neuen Chips der zehnten Generation sollen ab Herbst in schlanken Notebooks verbaut werden.


    Im Zuge der Computex 2019 hatte Intel einen ersten Ausblick auf seine kommenden Prozessorgenerationen gegeben. Mit dabei: neue Prozessoren der Ice-Lake-Reihe, die erstmals im Zehn-Nanometer-Verfahren gefertigt werden. Knapp einen Monat vor der IFA 2019 hat der Chipentwickler die Hüllen von seinen Quad-Core-Prozessoren für die nächste Note- und Ultrabook-Generation fallen lassen. Eines der ersten Modelle wird Dells XPS 13 2-in-1 (7390).

    Intel Ice Lake U und Y: Vier Kerne, neue Mikroarchitektur

    Die Ice-Lake-Prozessoren der Klassen Y und U kommen mit neun respektive 15 Watt und bis zu 28 Watt TDP und besitzen jeweils vier Kerne. Die Kerne basieren auf der neuen Sunny-Cove-Mikroarchitektur und stellen die erste größere Überarbeitung seit Skylake von 2015 dar. Weiterer Bestandteil ist die neue Gen11-Grafikeinheit mit gleich 64 statt 24 Shader-Blöcken – sie unterstützen ferner LPDDR4X- statt LPDDR3-Arbeitsspeicher.

    Die Gen11-Grafikeinheit unterstützt außerdem Displayport 1.4 und HDMI 2.0. Auf dem Träger befindet sich zudem der Chipsatz (PCH) in 14 Nanometer, er integriert die Sata-6-Gigabit pro Sekunde und die USB-3.2-Gen2-Ports sowie 16 PCIe-Gen3-Lanes. Intel spricht von durchschnittlich 18 Prozent mehr Leistung pro Takt verglichen zur Kaby-Lake- beziehungsweise Skylake-Generation aus dem Jahr 2016.

    Die Spezifikationen der Ice Lake U- und Y-Chips i Überblick. (Screenshot: Intel)

    Die Spezifikationen der Ice Lake U- und Y-Chips im Überblick. (Screenshot: Intel)

    Intel Ice Lake mit neuer Iris-Grafik

    Mittels der neuen Iris-Plus-Grafik, die nur in den stärkeren Core-i5- und i7-Prozessoren verbaut sind (siehe Grafik), sollen auf Notebooks beliebte Spiele wie Battlefield V bei 1080p und flüssigen Bildraten gespielt und 4K-HDR-Videos gestreamt werden können, so Intel. Ebenso könne 4K-Video- und hochauflösende Fotobearbeitung schnell erledigt werden. Durch KI-Algorithmen sollen die Prozessoren lernen und sich an eure Arbeitsweise anpassen, um euch dabei zu helfen, Dinge schneller und flüssiger zu erledigen, erklärt Intel.

    Intel Ice Lake U. (Bild: Intel)

    1 von 2

    Für eine schnelle kabelgebundene und drahtlose Datenübertragung hat Intel vier Thunderbolt3-Ports per USB C und Wifi 6 (Gig+) in die Chips integriert.

    Die neuen Ice-Lake-Prozessoren seien die ersten der zehnten Intel-Core-Prozessorgeneration und werden laut Entwickler in neuen Note- und Ultrabooks von diversen PC-Herstellern passend zum Weihnachtsgeschäft erhältlich sein. Neben dem Dell XPS 2-in-1 gehören zu den ersten schon angekündigten Modellen etwa Acers Swift 5, HPs Envy 13 und Lenovos Yoga S940. Weitere Details über die Prozessoren findet ihr bei Intel.



    english (google translation):



    Intel has officially announced its Ice-Lake processors in the U and Y series. The new chips of the tenth generation will be installed in the autumn in sleek notebooks.

    In the course of Computex 2019, Intel had given a first look at its upcoming processor generations. Also on board: new processors from the Ice Lake series, which are being produced for the first time using the ten-nanometer process. Barely a month before IFA 2019, the chip developer dropped the covers of its quad-core processors for the next generation of Note and Ultrabooks. One of the first models will be Dell's XPS 13 2-in-1 (7390).

    Intel Ice Lake U and Y: Four cores, new micro architecture

    Class Y and U Ice-Lake processors come with nine and 15 watts and up to 28 watts TDP and each have four cores. The cores are based on the new Sunny Cove microarchitecture and represent the first major overhaul since Skylake in 2015. Also included is the new Gen11 graphics engine with 64 shader blocks instead of 24, and they also support LPDDR4X instead of LPDDR3 memory.

    The Gen11 graphics unit also supports Displayport 1.4 and HDMI 2.0. On the carrier is also the chipset (PCH) in 14 nanometers, it integrates the Sata-6 Gigabit per second and the USB 3.2 Gen2 ports and 16 PCIe Gen3 lanes. Intel reports an average of 18 percent more power per clock compared to the 2016 Kaby Lake or Skylake generation.

    The specifications of the Ice Lake U and Y chips i overview. (Screenshot: look above in german article)

    The specifications of the Ice Lake U and Y chips at a glance. (Screenshot: look above in german article)

    Intel Ice Lake with new iris graphics

    By means of the new Iris Plus graphics, which are installed only in the stronger Core i5 and i7 processors (see diagram), are played on laptops popular games like Battlefield V at 1080p and liquid frame rates and 4K HDR videos streamed can be, so Intel. Similarly, 4K video and high-resolution photo editing can be done quickly. AI algorithms are designed to help processors learn and adapt to your way of working to help you get things done faster and smoother, Intel said.

    Intel Ice Lake U. (Image: look above in german article)

    Intel Ice Lake U. (Image: look above in german article)

    1 of 2

    For fast wired and wireless data transfer, Intel has integrated four Thunderbolt3 ports into the chips via USB C and Wifi 6 (Gig +).

    The new Ice Lake processors are the first of the tenth Intel Core processor generation and will be available according to the developer in new notebooks and Ultrabooks from various PC manufacturers to match the Christmas business. In addition to the Dell XPS 2-in-1, the first models already announced include Acer's Swift 5, HP's Envy 13 and Lenovo's Yoga S940. More details about the processors can be found at Intel.






  10. https://t3n.de/news/swapgs-attack-trifft-nur-intel-1185554/





    09.08.2019, 16:28 Uhr

    Mit der Spectre-ähnlichen SwapGS-Attack kann auf eigentlich geschützte Speicherbereiche zugegriffen werden, indem die spekulative Ausführung des Befehls ausgenutzt wird. Betroffen sind alle Intel-CPU seit Ivy Bridge von 2012, von Microsoft gibt es bereits Patches für Windows 10.


    SwapGS-Attack ist ein neuer Sidechannel-Angriff auf Intel-Prozessoren; er macht sich den gleichnamigen Befehl zunutze, indem spekulativer Code ausgeführt wird. SwapGS-Attack wurde von Bitdefender-Forschern entdeckt und auf der Black Hat 2019 veröffentlicht, die Sicherheitslücke wurde als CVE-2019-1125 nummeriert. Betroffen sind alle Intel-CPU, die die SwapGS- und die WrGSBase-Instruktionen unterstützen, also ab Ivy Bridge wie dem Core i7-3770K von Frühling 2012.

    Grundlegend ähnelt SwapGS-Attack bekannten Seitenkanal-Angriffen wie Spectre V1. Dem Whitepaper von Bitdefender zufolge funktioniert SwapGS-Attack auch nur auf x86_64-Architekturen von Intel, nicht aber von AMD. Für alle Prozessoren abseits der x86-Welt geben die Forscher daher Entwarnung – bei ARM, MIPS, Power, Sparc oder RISC-V erwarten sie, dass SwapGS-Attack keinen Erfolg habe.

    Primär ein Problem von Windows 10

    Zudem ist SwapGS-Attack primär ein Problem von Windows 10 x64, da via SwapGS-Befehl die Kernel Page Table Isolation (KPTI) überwunden wird und somit der privilegierte Bereich des Arbeitsspeichers offen liegt. Microsoft veröffentlichte daher am Dienstag (6. August 2019) bereits Patches für CVE-2019-1125. Intel wiederum hat nicht vor, per CPU-Microcode-Update gegen SwapGS-Attack vorzugehen, sondern sieht aktuell gehaltene Software als ausreichend an.

    Unter Linux ist der Kernel geschützt, Versuche seitens Bitdefender mit Hyper-V und dem Xen Hypervisor zeigten, dass der SwapGS-Befehl nicht verwendet wird. Auch Red Hat sagt, dass keine bekannte Möglichkeit bestehe, unter Linux diese Sicherheitslücke per SwapGS-Attack anzugreifen. Von Apple gibt es noch keine Rückmeldung, aber auch hier geht Bitdefender davon aus, das macOS X nicht anfällig sei. Für breit gestreute Angriffe auf Endanwender eignet sich die Lücke ohnehin nicht, sondern einzig für sehr spezifische Attacken.

    Autor des Artikels ist Marc Sauter.



    english (google translation):


    The Spectre-like SwapGS attack can be used to access protected memory areas by exploiting the speculative execution of the command. Affected are all Intel CPU since Ivy Bridge of 2012, Microsoft already has patches for Windows 10.

    SwapGS Attack is a new sidechannel attack on Intel processors; he uses the command of the same name by executing speculative code. SwapGS Attack was discovered by Bitdefender researchers and released at Black Hat 2019, the vulnerability was numbered as CVE-2019-1125. Affected are all Intel CPUs that support the SwapGS and WrGSBase instructions, so from Ivy Bridge like the Core i7-3770K from spring 2012.

    Basically, SwapGS Attack is similar to known side channel attacks like Specter V1. According to Bitdefender's paper, SwapGS Attack only works on Intel x86_64 architectures, not AMD. For all processors off the x86 world, the researchers give all-clear - in ARM, MIPS, Power, Sparc or RISC-V, they expect that SwapGS Attack have no success.


    Primarily a problem of Windows 10

    In addition, SwapGS Attack is primarily a problem of Windows 10 x64, since via SwapGS command Kernel Page Table Isolation (KPTI) is overcome and thus the privileged area of memory is exposed. Therefore, Microsoft has already released patches for CVE-2019-1125 on Tuesday (August 6, 2019). Intel in turn does not intend to proceed by means of a CPU microcode update against SwapGS Attack, but sees currently held software as sufficient.

    On Linux, the kernel is protected, attempts by Bitdefender with Hyper-V and the Xen hypervisor showed that the SwapGS command is not used. Red Hat says there is no known way to attack this vulnerability via SwapGS Attack on Linux. There is no feedback from Apple, but here too Bitdefender assumes that macOS X is not vulnerable. For wide-spread attacks on end users, the gap is not suitable anyway, but only for very specific attacks.

    Author of the article is Marc Sauter.



  11. perhaps in the meantime...


    you can selected it manually

    options -> include -> add

    -> "drive or folder" -> browse to "c:\amd" -> ok

    -> file types -> spezial file-artefacts you mean (if ccleaner it allows, if not, select the type of files you want to delete)

    -> options -> include files only -> ok



    ps: click on it with windows-explorer and delete it simply :-) is fast and good

    what kind of file-artefacts are this?

  12. On 13.7.2018 at 06:26, hazelnut said:

    Just for info.. Windows Notepad to get update

    only for w10? how bad from ms... not w8.1 or 7? support is not closed yet, mister & misses microsoft!

  13. hello roadrabbit,


    perhaps your "smart cleaning" is enabled and it caused the issue.


    deactivate it in the meantime

    ccleaner -> options -> smart cleaning

    untick the 3 points (i read you have the pro version)


    try the installation again -> if it works -> tick the 3 points in "smart cleaning" again if you want it

  • Create New...