Just like other user accounts, database users can get certain roles granted. Those roles define what they can do and what they can see. Best practice from a security perspective is the “Principle of Least Privilege” (also known as PoLP), granting only specific privileges the...

Again 4 new execution side-channel vulnerabilities were disclosed by Intel on May 14th. Each of them has its own name but collectively they are referred to as Microarchitectural Data Sampling (mds): CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): part of RIDL CVE-2018-12126: Microarchitectural Store Buffer...

  After the Spectre & Meltdown vulnerabilities (see https://monin-it.be/2018/01/17/meltdown-spectre-solution-linux-windows/) at the beginning of 2018, Intel now tackled 3 applications of another big vulnerability in their microcode: the L1 Terminal Fault (L1TF) vulnerabilities. All three applications of L1TF are speculative execution side-channel cache timing vulnerabilities: CVE-2018-3615: Affecting Intel Software...