Major flaw in millions of Intel chips -- (Spectre & Meltdown)

Corrine · February 01, 2018, 12:19:31 PM

Let's hope the researchers are wrong: We May Soon See Malware Leveraging the Meltdown and Spectre Vulnerabilities.

QuoteSecurity researchers are seeing an ever-increasing number of malware samples that are experimenting with the Meltdown and Spectre vulnerabilities.

According to experts at AV-TEST, Fortinet, and Minerva Labs, several individuals are experimenting with publicly released proof-of-concept (PoC) code for the Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5715, CVE-2017-5753) vulnerabilities.

Researchers from AV-TEST have detected 119 malware samples that are related to the aforementioned CPU vulnerabilities.

Corrine · February 08, 2018, 01:00:33 PM

Intel releases new Spectre microcode update for Skylake; other chips remain in beta | Ars Technica:

QuoteAfter recommending customers not use its microcode fix for Broadwell and Haswell chips, Intel has issued a new microcode update for Skylake processors that gives operating systems the ability to protect against the Spectre flaw revealed earlier this year.

Corrine · February 21, 2018, 08:43:38 PM

Intel hurls Spectre 2 microcode patch fix at world • The Register

Quote"We have now released production microcode updates to our OEM customers and partners," said Navin Shenoy, veep and GM for mobile client platforms at Intel. "The microcode will be made available in most cases through OEM firmware updates".

Intel said the firmware is in beta mode for Sandy Bridge, Ivy Bridge, Haswell and Broadwell. The microcode patch update schedules for the chips are here.

Corrine · February 23, 2018, 04:50:05 PM

The beat goes on, AMD now facing class action suits over Spectre vulnerability of CPUs - Neowin

Quote
The consumer backlash over the Spectre and Meltdown vulnerabilities has been strong, with Intel seeing the bulk of the wrath in the form of more than 30 class action suits. AMD is also coming under the legal microscope as well, now facing four class-action suits of its own.

Paddy · February 27, 2018, 09:18:11 AM

Intel did not inform US before chip flaws were made public

http://www.bbc.co.uk/news/technology-43196923

Paddy..

Corrine · March 02, 2018, 02:23:48 AM

Update on Spectre and Meltdown security updates for Windows devices - Windows Experience BlogWindows Experience Blog

See the referenced article for "Additional steps being taken to address Spectre and Meltdown vulnerabilities" and "Antivirus (AV) Software Compatibility".

Also see KB4090007, Intel microcode updates

techie · March 02, 2018, 01:56:23 PM

Honestly, this threat is compounded because it was thrown out there. This should have never been made public, until it was validated and completely patched.

I mean it could have been years before hackers or illegitimate players even figured this out. Look how many years this went without being discovered. There fully aware of what it is now and exploit it, yeah I bet it will be.

Corrine · March 14, 2018, 05:23:05 PM

From March 2018 Windows security update – Expanding our efforts to protect customers - Windows Experience BlogWindows Experience Blog:

QuoteEarlier this month I shared news on Microsoft's continuing efforts to help protect our customers against the Spectre and Meltdown hardware-based vulnerabilities. Today, we are announcing the expansion of devices covered by Windows security updates by removing the anti-virus compatibility check for Windows 10 devices, expanding the availability of Intel microcode updates in the Microsoft Catalog, and adding coverage for x86 editions of Windows 71 and Windows 8.1.

Corrine · April 11, 2018, 02:30:12 PM

Microsoft Removes Antivirus Registry Key Check for All Windows Versions:

QuoteThe OS maker removed the registry key check for Windows 10 computers last month, in March, and has announced yesterday that the key is no longer necessary for the other Windows operating system versions —7, 8, 8.1, Server 2008, and Windows Server 2012.

Pete! · April 20, 2018, 05:01:56 PM

I don't know if it's related but "Dell Support Assist" just updated the BIOS on a five year old Inspiron One 2020.

It's actually the first time "Support Assist" actually did anything besides making me wonder if it was necessary.

Pete! · May 03, 2018, 12:50:17 PM

Quote from: Pete! on April 20, 2018, 05:01:56 PM
I don't know if it's related but "Dell Support Assist" just updated the BIOS on a five year old Inspiron One 2020.

It's actually the first time "Support Assist" actually did anything besides making me wonder if it was necessary.

I've been noticing slightly slower performance, so I ran InSpectre again. I'm no longer "vulnerable" but paying a small price.

For the way I use this machine, it's not crippling. YMMV

Corrine · May 18, 2018, 09:20:23 PM

New Spectre Attack Recovers Data From a CPU's Protected SMM Mode

Fortunately:

QuoteOriginal Spectre patches will protect users

While their experimental attack was crafted to work around the Spectre variant 1 vulnerability, researchers said that using Spectre variant 2 (CVE-2017-5715) can also achieve the same results.

Researchers said they've notified Intel of their new Spectre attack variation in March. Intel says that the original patches for the Spectre variant 1 and variant 2 should be enough to block the attack chain discovered by the Eclypsium team.

Corrine · May 21, 2018, 10:42:38 PM

Google and Microsoft Reveal New Spectre Attack

QuoteIntel and AMD x86 chipsets, along with POWER 8, POWER 9, System z, and ARM CPUs are known to be affected. Intel has published a detailed list of affected CPU series in a security advisory.

Variant 4 can be exploited remotely, via the browser. Microsoft said it did not detect any exploitation attempts, though.

Also see the security advisories:

Intel: INTEL-SA-00115
Microsoft: ADV180012 | Microsoft Guidance for Speculative Store Bypass
RedHat: CVE-2018-3639 - Red Hat Customer Portal

Corrine · June 24, 2018, 02:15:47 PM

As if we haven't seen enough about Meltdown/Spectre, now this:

Changes in WebAssembly Could Render Meltdown and Spectre Browser Patches Useless

Corrine · July 11, 2018, 01:21:37 PM

New Spectre 1.1 and Spectre 1.2 CPU Flaws Disclosed

QuoteTwo security researchers have revealed details about two new Spectre-class vulnerabilities, which they've named Spectre 1.1 and Spectre 1.2.

Just like all the previous Meltdown and Spectre CPU bugs variations, these two take advantage of the process of speculative execution— a feature found in all modern CPUs that has the role of improving performance by computing operations in advance and later discarding unneeded data.

According to the article, no patches are available for either bugs and Microsoft, Oracle, and Red Hat are still investigating whether it affects data handled by their products.