
Speculative execution security flaw(s)

Jaskalas

Updated 2018-01-05

CNN: Major chip flaws affect billions of devices

Testing Windows 10 performance after patching for "meltdown".
Results: mostly minor impact for end users.

Current question: does the public have security patches to protect against Spectre yet?



Original Post:
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday.
Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model.
https://hothardware.com/news/intel-cpu-bug-kernel-memory-isolation-linux-windows-macos

PSA, this could have some significant ramifications for both security and performance. If the story checks out, we're talking one busy month of major security patches.

C1

Yes, these "flaws" were discussed this evening by Lauren Weinstein and referred to as "Spectre" and "Meltdown" exploits. According to Weinstein, these supposed flaws (or architectural vulnerabilities) have existed in, for example, INTEL processors for the last 10 years!

Is anyone certain that these supposed flaws were not really NSA (or deep state) mandated back doors all along, but just now being exposed by the technical community (e.g., Julian Assange types)?

In today's news:

https://www.wired.com/story/critical-intel-flaw-breaks-basic-security-for-most-computers/

https://www.cnet.com/news/spectre-meltdown-intel-arm-amd-processor-cpu-chip-flaw-vulnerability-faq


Update:

Meltdown spying on passwords
https://www.youtube.com/watch?v=RbHbFkh6eeE&feature=youtu.be

Benchmarking The Intel CPU Bug Fix, What Can Desktop Users Expect?
https://www.youtube.com/watch?v=_qZksorJAuY&feature=youtu.be



Elixer

Here is a tool from MS that tells you if your system has the bug(s).

Microsoft has also released a set of PowerShell one-liners that you can use to check if your PC installed the updates properly, or if you need additional firmware updates.

When starting PowerShell, make sure you start it with Admin privileges so that you can install the required modules.

The PowerShell command below will download and install a PowerShell module for testing for the Meltdown and Spectre flaws.

Install-Module SpeculationControl

If you run the command and get execution errors, you might need to adjust your PowerShell execution policy. Run the following command:

Set-ExecutionPolicy Bypass

Now you can run a second PowerShell command that actually checks your system:

Get-SpeculationControlSettings


For more details...

https://www.bleepingcomputer.com/news/microsoft/how-to-check-and-update-windows-systems-for-the-meltdown-and-spectre-cpu-flaws/
May 11, 2008
18,309
829
126
https://www.amd.com/en/corporate/speculative-execution

Variant Two (Branch Target Injection): Differences in AMD architecture mean there is a near zero risk of exploitation of this variant. Vulnerability to Variant 2 has not been demonstrated on AMD processors to date.

This is the output:
Since I have an AMD CPU, the security fix seems to not be enabled since it is unnecessary.

Speculation control settings for CVE-2017-5715 [branch target injection]
Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware requires kernel VA shadowing: False
.


Forgot to note that when you do the PowerShell thing, do not forget to do a
Set-ExecutionPolicy Restricted afterwards.
Or Set-ExecutionPolicy Default will do.
I think that is better for safety.
Check with Get-ExecutionPolicy that it is set to Restricted, which is the default.

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/set-executionpolicy?view=powershell-5.1
 
Last edited:
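
The check from the two posts above, written so that no relaxed execution policy is left behind (an added example, not code from the thread or from Microsoft). It sets the policy at process scope instead of machine-wide Bypass, and reads the object that Get-SpeculationControlSettings returns; the property names are those of the module's return object, which the thread does not show, and RemoteSigned being sufficient to load the module is an assumption.

```powershell
# Added example (not from the thread). Paste into a PowerShell session.
# Process scope changes the policy for this session only, so there is no
# machine-wide setting to restore afterwards.
# Assumption: RemoteSigned is sufficient to load the module.
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process -Force

# Install for the current user only if the module is not already available.
if (-not (Get-Module -ListAvailable -Name SpeculationControl)) {
    Install-Module -Name SpeculationControl -Scope CurrentUser
}
Import-Module SpeculationControl

# The cmdlet prints the report seen in the thread and also returns an object.
$s = Get-SpeculationControlSettings

# CVE-2017-5715 (branch target injection): is the mitigation on, and if not, why?
$bti = if ($s.BTIWindowsSupportEnabled) {
    'enabled'
} elseif (-not $s.BTIWindowsSupportPresent) {
    'OS update missing'
} elseif ($s.BTIDisabledBySystemPolicy) {
    'disabled by system policy'
} elseif ($s.BTIDisabledByNoHardwareSupport) {
    'OS ready, no hardware support'
} else {
    'not enabled, reason not reported'
}

# CVE-2017-5754 (rogue data cache load): only relevant if the CPU requires it.
$kva = if (-not $s.KVAShadowRequired) {
    'not required on this CPU'
} elseif ($s.KVAShadowWindowsSupportEnabled) {
    'enabled'
} elseif ($s.KVAShadowWindowsSupportPresent) {
    'OS update present but not enabled'
} else {
    'OS update missing'
}

# One summary row per machine, easy to export or compare across hosts.
[pscustomobject]@{
    Computer               = $env:COMPUTERNAME
    'CVE-2017-5715 (BTI)'  = $bti
    'CVE-2017-5754 (KVA)'  = $kva
    ProcessExecutionPolicy = (Get-ExecutionPolicy -Scope Process)
}
```

For the output pasted above, this would report "OS ready, no hardware support" for CVE-2017-5715 and "not required on this CPU" for CVE-2017-5754.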

ultimatebob

They still haven't really found a way to remotely exploit a system with these processor defects.... right? I'm not sure why CNN is panicking about this, since it looks like you need to be logged into the system in order to exploit the issue.

Hell, the Red Hat and VMWare patches for this are only classified as "Important", which basically means "patch it as part of your normal maintenance cycle". With the way people are screaming about this, I was expecting them to be classified as "critical", AKA the "stop what you're doing and patch your shiznit NOW" kind of issue.
 
Feb 4, 2009
30,228
10,754
136
They still haven't really found a way to remotely exploit a system with these processor defects.... right? I'm not sure why CNN is panicking about this, since it looks like you need to be logged into the system in order to exploit the issue.

Hell, the Red Hat and VMWare patches for this are only classified as "Important", which basically means "patch it as part of your normal maintenance cycle". With the way people are screaming about this, I was expecting them to be classified as "critical", AKA the "stop what you're doing and patch your shiznit NOW" kind of issue.
CNN is acting crazy about this, almost Y2K crazy.
 

Red Squirrel

What I'd like to see mainstream media freak out about is the ME backdoor. And talk about the AMD one too, it's not just Intel. That is more concerning than any of these exploits yet it's something nobody really ever talks about.
 

Elixer

What I'd like to see mainstream media freak out about is the ME backdoor. And talk about the AMD one too, it's not just Intel. That is more concerning than any of these exploits yet it's something nobody really ever talks about.
ME backdoor doesn't have a catchy name...

Most places that I have seen lump in AMD with Intel... for everything, and while not 100% accurate, it is "good enough" for them.

CNN is acting crazy about this almost Y2K crazy.
You are shocked by this? It is CNN after all...
 

bononos

They still haven't really found a way to remotely exploit a system with these processor defects.... right? I'm not sure why CNN is panicking about this, since it looks like you need to be logged into the system in order to exploit the issue.
............
The exploit could be used while you're on your browser. Or used by trojans. So the risk was definitely high.

Also, initially it was thought that some variants of the exploit (Spectre) could not be fixed via software patches for Intel CPUs. And the performance hit was high for the Meltdown fix.
 

bononos

What I'd like to see mainstream media freak out about is the ME backdoor. And talk about the AMD one too, it's not just Intel. That is more concerning than any of these exploits yet it's something nobody really ever talks about.
AMD is much, much less affected because it wasn't affected by variant 3. Only theoretical vulnerability to variant 2 on Linux and variant 1 could be patched without significant performance loss. Intel tried to soft-pedal the issue and say every company was affected but that is incorrect.

Currently some people are reporting major performance impacts from the Intel fix for certain tasks like compiling. Large impact on NVMe performance. Significant drops in minimum fps in gaming.
 
