We are thrilled to announce the availability of the Intel Corporation-optimised build for Ubuntu 24.04 LTS, which allows you to run Intel® TDX with #Ubuntu as both host and guest OSes. With no changes required to the application layer, VM isolation with Intel® TDX greatly simplifies the porting and migration of existing workloads to a confidential computing environment. Check out the blog to learn more details: https://lnkd.in/dM7zXWaD #confidentialcomputing #security #tdx
Canonical’s Post
-
AMD's SEV-SNP Hypervisor support is on the brink of being integrated into the mainline Linux kernel. This marks a significant milestone for confidential computing as it brings us closer to the ultimate goal of secure and isolated virtual environments. The SEV-SNP, which stands for Secure Encrypted Virtualization Secure Nested Paging, has reached its 14th patch revision and is building upon the existing SEV-SNP guest support that's already mainlined. While not all features are enabled yet, this update lays the groundwork for booting SEV-SNP VMs and promises future enhancements like interrupt protection. For those utilizing AMD EPYC servers, this means better security for your virtual machines, with strong memory integrity protection against malicious attacks. It's a step forward in creating a more secure and confidential computing landscape. Stay tuned for more updates as this technology progresses towards the Linux 6.10 kernel cycle. It's an exciting time for AMD and the Linux community! #AMD #Linux #Virtualization #Security #TechNews
AMD SEV-SNP Hypervisor Support Nears The Mainline Linux Kernel
phoronix.com
-
Señor DevOops Engineer | Fractured CTO | CKA/CKS | Developer pain reliever | Ace infrastructure whisperer
🍘 🚨 🍘 Another chipset/processor microcode-level speculative-execution exploit! The Linux Kernel has a lightly-tested patch out now, so upgrade after testing to your comfort level. This one affects Intel, but there've been AMD-specific exploits recently, so kernel AND processor microcode upgrades are a MUST. Dedicated vulnerability page with exploit background: https://downfall.page/ and LWN for commentary and up-to-date remediation info: https://lnkd.in/eu6aJ2CQ
Downfall Attacks
downfall.page
-
Technology adoption enabler, technical consultant and amateur programmer. All posted content is of my own opinion and not reflective of current or past employers.
🚨 This vulnerability is pervasive, affecting computer systems running a set of specific processors (Intel Core processors from the 6th Skylake to and including the 11th Tiger Lake generation), including cloud compute.
-
Microsoft made another change to Windows 11 system requirements. It's dropped support for 44 Intel processors. It's unlikely to impact your business, but if you want to be sure get in touch - we can help! #Windows11 #MicrosoftUpdates #Intel #technology #itsupport #thinkcloud #cybersecurity
Microsoft drops support for dozens of Intel processors in latest Windows 11 system requirements update
https://betanews.com
-
Unlock the power of the edge with Keel. Our lightweight Linux-based OS, with integrated KVM-based hypervisor and SDN (routing and virtualized switching) capabilities, provides a secure virtualization environment on your x86 hardware. Perfect for organizations needing a secure and robust OS that eliminates the complexity of running siloed infrastructure at the edge. Learn more about how Keel can revolutionize your edge computing needs: https://lnkd.in/exmRZA5 #Klas #TheEdgeTechnologyCompany #edgetechnology #EdgeComputing #SecureOS #Cybersecurity #BigData
-
"Researchers unveil the "first native Spectre v2 exploit" targeting the Linux kernel on Intel systems, known as Native Branch History Injection (BHI). This exploit, detailed by Vrije Universiteit Amsterdam's Systems and Network Security Group, bypasses existing Spectre v2/BHI mitigations, allowing for the leakage of arbitrary kernel memory at a rate of 3.5 kB/sec. Tracked as CVE-2024-2201, the vulnerability was initially disclosed in March 2022. Intel's recommendation to address the issue includes disabling Linux's unprivileged eBPFs." #linux #vulnerability #cve #cyberattack #cybersecurity
Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel
thehackernews.com
-
VMware guest escape to host. No patch available for this one yet. The workaround is to disable the virtual USB controller, which may not be possible and is difficult to do at scale. Local admin privileges are not best practice; however, this will be widespread on dev and non-production VMs. From the article: "a malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code outside the guest. On Workstation and Fusion that code will run on the host PC or Mac. Under ESXi it will run in the VMX process that encapsulates each guest VM." https://lnkd.in/e3M_Chjf
VMware urges emergency action to blunt hypervisor flaws
theregister.com
-
Vulnerability in 16.5K+ VMware ESXi Instances Let Attackers Execute Code https://lnkd.in/e-mWBNpQ
Vulnerability in 16.5K+ VMware ESXi Instances Let Attackers Execute Code
https://gbhackers.com
-
#linuxkernel #exploit #spectrev2 CVE-2024-2201 is a cybersecurity vulnerability that could be exploited to read sensitive data from the memory on Intel-based systems running Linux. It's called BHI (Native Branch History Injection) and is described by cybersecurity researchers as the "first native Spectre v2" exploit against the Linux kernel.
Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel
thehackernews.com
-
To encourage people to find security holes in the open source Kernel-based Virtual Machine (KVM) hypervisor, Google has launched a vulnerability reward program (VRP), where the top prize is up to a quarter of a million dollars. The VRP is set up as a capture-the-flag contest where the tester logs in as a guest and attempts to find a zero-day vulnerability in the KVM host kernel. KVM is an open source project, to which Google is an active contributor, that has been included in mainline Linux since 2007. It allows Intel- or AMD-powered devices to run multiple virtual machines (VMs) with hardware emulation that can be customized to support multiple legacy operating systems. Google uses it in its Android and Google Cloud platforms, which is why it has a vested interest in keeping it secure. https://lnkd.in/gw7Y9m-N
Google Opens $250K Bug Bounty Contest for VM Hypervisor
darkreading.com