NSA Releases Updated Guidance on Side-Channel Vulnerabilities

["US-CERT" <US-CERT () ncas us-cert gov>]

U.S. Department of Homeland Security US-CERT

National Cyber Awareness System:



NSA Releases Updated Guidance on Side-Channel Vulnerabilities [ 
https://www.us-cert.gov/ncas/current-activity/2019/02/01/NSA-Releases-Updated-Guidance-Side-Channel-Vulnerabilities ] 
02/01/2019 02:21 PM EST 
Original release date: February 01, 2019

The National Security Agency (NSA) has released updated information on a set of side-channel vulnerabilities affecting 
modern computer processors. An attacker can exploit these vulnerabilities to obtain sensitive information.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure 
Security Agency (CISA), encourages users and administrators to review the NSA Cybersecurity Advisory on Updated 
Guidance for Vulnerabilities Affecting Modern Processors [ 
https://www.nsa.gov/Portals/70/documents/what-we-do/cybersecurity/professional-resources/CSA_Updated_Guidance_For_Vulnerabilities_Affecting_Modern_Processors_20190130.pdf?ver=2019-01-30-142631-553
 ] and Hardware and Firmware Security Guidance GitHub website [ 
https://github.com/nsacyber/Hardware-and-Firmware-Security-Guidance ] for more information and updated mitigations.

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

body { font-size: 1em; font-family: Arial, Verdana, sans-serif; font-weight: normal; font-style: normal; color: 
#333333; } ________________________________________________________________________

A copy of this publication is available at www.us-cert.gov [ https://www.us-cert.gov ]. If you need help or have 
questions, please send an email to info () us-cert gov. Do not reply to this message since this email was sent from a 
notification-only address that is not monitored. To ensure you receive future US-CERT products, please add US-CERT () 
ncas us-cert gov to your address book. 

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ]  

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]