Leon Trampert

**Nome do Software Vulnerável e Versões Afetadas** Versões do Thunderbird anteriores a 147.0.1 Versões do Thunderbird anteriores a 140.7.1 **Descrição** Existe uma falha que poderia permitir a exfiltração de conteúdo baseada em CSS de e-mails parcialmente criptografados quando o conteúdo remoto for permitido. Isso poderia potencialmente comprometer a confidencialidade das comunicações por e-mail. **Recomendações** Atualize o Thunderbird para a versão 147.0.1 ou posterior. Atualize o Thunderbird para a versão 140.7.1 ou posterior.

**Name of the Vulnerable Software and Affected Versions** AMD CPUs (affected versions not specified) **Description** The issue concerns improper or unexpected behavior of the INVD instruction in some AMD CPUs, potentially allowing an attacker with a malicious hypervisor to affect cache line write-back behavior of the CPU. This could lead to a loss of guest virtual machine (VM) memory integrity. The vulnerability, known as CacheWarp, affects AMD's Secure Encrypted Virtualization (SEV) technology, which is designed to protect against malicious hypervisors and reduce the attack surface of virtual machines by encrypting data. CacheWarp can be exploited to escalate privileges, execute remote code, and bypass authentication in virtual machines. The attack involves manipulating cache lines and exploiting the INVD instruction to alter the behavior of the CPU, potentially allowing attackers to gain control over virtual machines and access sensitive data. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.