The OpenSSH project has received a patch that prevents private keys from being stolen through hardware vulnerabilities that allow hackers to access restricted memory regions from unprivileged processes. The same approach could be used by other software application to protect their secrets in RAM until the issues are fixed in future generations of SDRAM chips and CPUs.
The patch comes after a team of researchers recently presented an attack dubbed RAMBleed that exploits the design of modern memory modules in to extract information from memory regions allocated to privileged processes and the kernel.
Microsoft this week quietly alerted customers running last year's Windows 10 version 1803 that it would soon start a forced upgrade to the latest feature refresh.
In a note added to the Windows release health dashboard on June 18, Microsoft wrote: "We are now beginning to build and train the machine learning (ML) based rollout process to update devices running the April 2018 Update, and earlier versions of Windows 10, to ensure we can continue to service these devices."