Speculative execution security flaw(s)

Malogeek · Jan 2, 2018

Red Squirrel · Jan 2, 2018

With all these cpu security flaws, starting to wonder if all the IT guys from Equifax went to work for Intel. lol.

C1 · Jan 4, 2018

Yes ,these "flaws" were discussed this evening by Lauren Weinstein and referred to as "Spectre " and "Meltdown " exploits. According to Weinstein, these supposed flaws (or architectural vulnerabilities) have existed in, for example, INTEL processors for the last 10 years !

Is anyone certain that these supposed flaws were not really NSA (or deep state) mandated back doors all along, but just now being exposed by the technical community (eg, Julian Assange types) ?

In today's news:

https://www.wired.com/story/critical-intel-flaw-breaks-basic-security-for-most-computers/

https://www.cnet.com/news/spectre-meltdown-intel-arm-amd-processor-cpu-chip-flaw-vulnerability-faq

Update:

Meltdown spying on passwords
https://www.youtube.com/watch?v=RbHbFkh6eeE&feature=youtu.be

Benchmarking The Intel CPU Bug Fix, What Can Desktop Users Expect?
https://www.youtube.com/watch?v=_qZksorJAuY&feature=youtu.be

Elixer · Jan 4, 2018

Here is a tool from MS that tells you if your system has the bug(s).

Microsoft has also released a set of Powershell one-liners that you can use to check if your PC installed the updates properly, or if you need additional firmware updates.

When starting PowerShell, make sure you start it with Admin privileges so that you can install the required modules.

The Powershell command below will download and install a Powershell module for testing for the Meltdown and Spectre flaws.

Install-Module SpeculationControl
If you run the command and get execution errors, you might need to adjust your Powershell execution policy. Run the following command:

Set-ExecutionPolicy Bypass
Now, you know can run a second Powershell command that actually checks your system:

Get-SpeculationControlSettings

For more details...

https://www.bleepingcomputer.com/news/microsoft/how-to-check-and-update-windows-systems-for-the-meltdown-and-spectre-cpu-flaws/

William Gaatjes · Jan 4, 2018

https://www.amd.com/en/corporate/speculative-execution

Variant Two Branch Target Injection Differences in AMD architecture mean there is a near zero risk of exploitation of this variant. Vulnerability to Variant 2 has not been demonstrated on AMD processors to date.

This is the output:
SInce i have an AMD cpu, the security fix seems to not be enabled since it is unnecessary.

Speculation control settings for CVE-2017-5715 [branch target injection]
Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware requires kernel VA shadowing: False

.

Forgot to note that when you do the powershell thing, do not forget to do a
Set-executionpolicy Restricted afterwards.
Or Set-executionpolicy default will do.
I think that is better for safety.
Check with Get-executionpolicy that it is set to restriced which is default.

https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.security/set-executionpolicy?view=powershell-5.1

ultimatebob · Jan 4, 2018

They still haven't really found a way to remotely exploit a system with these processor defects.... right? I'm not sure why CNN is panicking about this, since it looks like you need to be logged into the system in order to exploit the issue.

Hell, the Red Hat and VMWare patches for this are only classified as "Important", which basically means "patch it as part of your normal maintenance cycle". With the way people are screaming about this, I was expecting them to be classified as "critical", AKA the "stop what you're doing and patch your shiznit NOW" kind of issue.

Fanatical Meat · Jan 5, 2018

ultimatebob said:
They still haven't really found a way to remotely exploit a system with these processor defects.... right? I'm not sure why CNN is panicking about this, since it looks like you need to be logged into the system in order to exploit the issue.

Hell, the Red Hat and VMWare patches for this are only classified as "Important", which basically means "patch it as part of your normal maintenance cycle". With the way people are screaming about this, I was expecting them to be classified as "critical", AKA the "stop what you're doing and patch your shiznit NOW" kind of issue.

CNN is acting crazy about this almost Y2K crazy.

Red Squirrel · Jan 5, 2018

What I'd like to see mainstream media freak out about is the ME backdoor. And talk about the AMD one too, it's not just Intel. That is more concerning than any of these exploits yet it's something nobody really ever talks about.

Elixer · Jan 5, 2018

Red Squirrel said:
What I'd like to see mainstream media freak out about is the ME backdoor. And talk about the AMD one too, it's not just Intel. That is more concerning than any of these exploits yet it's something nobody really ever talks about.

ME backdoor doesn't have a catchy name...

Most places that I have seen lump in AMD with intel... for everything, and while not 100% accurate, it is "good enough" for them.

Fanatical Meat said:
CNN is acting crazy about this almost Y2K crazy.

You are shocked by this? It is CNN after all...

bononos · Jan 6, 2018

ultimatebob said:
They still haven't really found a way to remotely exploit a system with these processor defects.... right? I'm not sure why CNN is panicking about this, since it looks like you need to be logged into the system in order to exploit the issue.
............

The exploit could be used while you're on your browser. Or used by trojans. So the risk was definitely high.

Also initially it was thought that some variants of the exploit (Spectre) could not be fixed via software patches for Intel cpus. And the performance hit was high for the Meltdown fix.

bononos · Jan 6, 2018

Red Squirrel said:
What I'd like to see mainstream media freak out about is the ME backdoor. And talk about the AMD one too, it's not just Intel. That is more concerning than any of these exploits yet it's something nobody really ever talks about.

AMD is much much less affected because it wasn't affected by variant 3. Only theoretical vulnerability to variant 2 on linux and variant 1 could be patched without significant performance loss. Intel tried to softpedal the issue and say every company was affected but that is incorrect.

Currently some people are reporting major performance impacts from the intel fix for certain tasks like compiling. Large impact on NVME peformance. Significant drops in minimum fps in gaming.

sdifox · Jan 12, 2018

Fanatical Meat said:
CNN is acting crazy about this almost Y2K crazy.

This is much bigger than Y2K

Thread starter	Similar threads	Forum	Replies	Date
M	Should I use wifi or mobile hotspot for security?	Security	1	Jan 6, 2023
D	Question How Can We secure Our Pc?	Security	2	Dec 4, 2022
P	Bit Defender vs AVG Internet security	Security	1	Nov 25, 2022
I	Lenovo still exposing its laptop users to security risk	Security	1	Nov 12, 2022
	Security Cams...looking for a outdoor zoomable security cam ...	Security	1	Aug 30, 2022

Search

Speculative execution security flaw(s)

Jaskalas

Lifer

Malogeek

Golden Member

Red Squirrel

No Lifer

C1

Platinum Member

Elixer

Lifer

William Gaatjes

Lifer

ultimatebob

Lifer

Jaskalas

Lifer

Fanatical Meat

Lifer

Red Squirrel

No Lifer

Elixer

Lifer

bononos

Diamond Member

bononos

Diamond Member

sdifox

No Lifer

ASK THE COMMUNITY

TRENDING THREADS