Massive security hole in CPU's incoming?Official Meltdown/Spectre Discussion Thread

[IEC]

Inspectre says there is a microcode update for my IB desktop system, but where do I find it?

The one listed above does not list IB desktop chips.

You don't, unless you are lucky enough that your motherboard manufacturer supports microcode updates that far back (unlikely).

Microsoft worked with Intel to implement a microcode patch at boot (for Windows 10 and Server 2016) as a way to address vulnerability in older systems.

https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates

Summary:
https://support.microsoft.com/en-us/help/4093836/summary-of-intel-microcode-updates

Article:
https://www.tomshardware.com/news/microsoft-windows-spectre-patch-intel-cpus,36614.html

 

[formulav8]

Are class-action lawsuits looming?

IIRC, Intel admitted they had 32 suits the last I recall (months ago). Not sure how many now. Most are stockholder suits and will be thrown out most likely.

 

[LTC8K6]

You don't, unless you are lucky enough that your motherboard manufacturer supports microcode updates that far back (unlikely).

Microsoft worked with Intel to implement a microcode patch at boot (for Windows 10 and Server 2016) as a way to address vulnerability in older systems.

https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates

Summary:
https://support.microsoft.com/en-us/help/4093836/summary-of-intel-microcode-updates

Article:
https://www.tomshardware.com/news/microsoft-windows-spectre-patch-intel-cpus,36614.html

OK, that explains why the 1231-V3 system is fully patched, but the 4790K and 3330 systems are not.

EDIT, no it doesn't.

 

[SPBHM]

Inspectre says there is a microcode update for my IB desktop system, but where do I find it?

The one listed above does not list IB desktop chips.

https://support.microsoft.com/en-us/help/4100347/intel-microcode-updates-for-windows-10-version-1803-and-windows-server

it works fine on my sandy bridge with super old bios

 

[rchunter]

Supermicro came out with the bios patches for their haswell based boards. I applied 2 yesterday, plus I updated the ipmi firmware on both my boards also.

 

[Fanatical Meat]

Is it realistic to believe intel will have hardware fixes for new chips by the end of the year?

 

[jpiniero]

Is it realistic to believe intel will have hardware fixes for new chips by the end of the year?

Yes, but almost certainly Cascade Lake only. Whiskey Lake/Coffee Lake Refresh having the fixes is unlikely.

 

[LTC8K6]

Okay, went ahead and installed the new beta BIOS from ASUS for my Z-97A 4790K system.
Inspectre reports all good now.

 

[dualsmp]

Yes, but almost certainly Cascade Lake only. Whiskey Lake/Coffee Lake Refresh having the fixes is unlikely.

That seems highly unlikely given that a complete overhaul in chip architecture is required to actually fix Spectre and Meltdown. They can only "mitigate" the chip flaws until there is a new architecture.

 

[jpiniero]

That seems highly unlikely given that a complete overhaul in chip architecture is required to actually fix Spectre and Meltdown. They can only "mitigate" the chip flaws until there is a new architecture.

Yeah, a hardware mitigation instead of a real fix. But that might be good enough for now.

 

[Panino Manino]

How bad is this for AMD?
https://www.theregister.co.uk/2018/05/25/researchers_crack_open_amds_server_vm_encryption/

I know that there's some extraordinary conditions that are needed, but even so SEV should prevent the information to be extracted in plain text, that information should have come encrypted, right?

 

[beginner99]

How bad is this for AMD?
https://www.theregister.co.uk/2018/05/25/researchers_crack_open_amds_server_vm_encryption/

I know that there's some extraordinary conditions that are needed, but even so SEV should prevent the information to be extracted in plain text, that information should have come encrypted, right?

I'm gonna say if you have a hostile server admin or a malware infected hypervisor, this problem is gonna me a tiny, tiny concern compared to all the other issues you will be facing.

 

[Panino Manino]

I'm gonna say if you have a hostile server admin or a malware infected hypervisor, this problem is gonna me a tiny, tiny concern compared to all the other issues you will be facing.

But SEV purpose was to prevent this from being possible?

 

[moinmoin]

But SEV purpose was to prevent this from being possible?

The primary purpose of SEV in cloud computing would be making it impossible for one VM to read the memory of another VM. That's not broken with this, the VM would still need to capture and fully control the HV first.

So it's a severe bug that ought to be fixed, but it doesn't affect SEV's current use case.

 

[Panino Manino]

One more: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html

 

[IntelUser2000]

Is it realistic to believe intel will have hardware fixes for new chips by the end of the year?

From the Anandtech article:

their specific wording is that the changes will be included in 8th gen Core processors “expected to ship in the second half of 2018.

Meltdown and Spectre has variants. Some versions will be patched in hardware, while some will be patched in software. The software patched one is because it requires a bigger architecture change. They've known about this problem for some time, which is why they can have it by end of the year. But didn't know early enough to patch all.

 

[Lovec1990]

https://www.tomshardware.co.uk/intel-processors-lazyfp-speculative-execution,news-58674.html

anyone read this?

 

[LTC8K6]

https://www.tomshardware.co.uk/intel-processors-lazyfp-speculative-execution,news-58674.html

anyone read this?

Yes, it's about 1.5 months old now. Not sure why it is being reported again?
It's part of this batch:

https://www.tomshardware.com/news/spectre-ng-vulnerabilities-intel-arm-amd,37002.html

We knew at the beginning that more variants of the flaws would likely be discovered over time.

None of them should be a problem for home users, though.

 

[thecoolnessrune]

Yes, it's about 1.5 months old now. Not sure why it is being reported again?
It's part of this batch:

https://www.tomshardware.com/news/spectre-ng-vulnerabilities-intel-arm-amd,37002.html

We knew at the beginning that more variants of the flaws would likely be discovered over time.

None of them should be a problem for home users, though.

That's a really simple answer. We didn't know anything about it then. The article you linked even noted everything was "scant on details".

Now we know some more due to disclosures. There's a small article on Toms Hardware giving a few details, including why it's being reported again. https://www.tomshardware.com/news/intel-processors-lazyfp-speculative-execution,37302.html

 

[LTC8K6]

That's a really simple answer. We didn't know anything about it then. The article you linked even noted everything was "scant on details".

Now we know some more due to disclosures. There's a small article on Toms Hardware giving a few details, including why it's being reported again. https://www.tomshardware.com/news/intel-processors-lazyfp-speculative-execution,37302.html

I wish they would not release the info to the public until patches or mitigations are ready, but it seems headlines and clicks are more important.

 

[LTC8K6]

June 6th:

https://blog.cyberus-technology.de/posts/2018-06-06-intel-lazyfp-vulnerability.html

Looks like it's already taken care of by not using LazyFp.

 

[Mr Evil]

Yes, it's about 1.5 months old now. Not sure why it is being reported again?...

The existence of the vulnerability was known, but the details were under embargo until recently. The BSD people were a bit upset that Intel left them in the dark, so they got together and worked it out for themselves so they could create their own patches. This led to the details becoming public and the embargo was ended early. That is worth reporting.

 

[LTC8K6]

The existence of the vulnerability was known, but the details were under embargo until recently. The BSD people were a bit upset that Intel left them in the dark, so they got together and worked it out for themselves so they could create their own patches. This led to the details becoming public and the embargo was ended early. That is worth reporting.

Except that Intel's page is dated 6/13 and the Cerberus page is dated 6/6, so it was already public.

 

[thecoolnessrune]

I wish they would not release the info to the public until patches or mitigations are ready, but it seems headlines and clicks are more important.

This was responsibly disclosed, and continues to be responsibly disclosed in about the most efficient way possible given the surrounding factors. Both the entities (Amazon Security Research and Cyberus) are highly reputable and have skin in the game (especially given the AWS Datacenter underpinnings Amazon Security Research supports). Why do you believe "headlines and clicks" are driving this effort? This disclosure, and many of the Meltdown / Spectre disclosures have been handled very well given the scope, especially compared to that farce of a disclosure that was Ryzenfall.

 

[Mr Evil]

Except that Intel's page is dated 6/13 and the Cerberus page is dated 6/6, so it was already public.

As I stated, only the existence of the vulnerability was made public. It even says on the very page that you linked to:

The Attack
This section is currently withheld by request from Intel.