Intel (and AMD, ARM?) processor security flaw.

GeeJay57

GeeJay57

Suspended / Banned
Messages
2,894
Name
Glenn
Edit My Images
Yes
It seems that Intel processors have been found to have a design flaw that allows access to security data held in kernel memory. The problem affects all Intel based machines, i.e. MacOS, Windows, Linux machines. The software patch to sort this is reported to reduce computer performance by up to 30%.
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
https://www.theguardian.com/technol...tel-processors-computers-windows-mac-os-linux

These articles report that the flaw is also present in other processors such as AMD and ARM.
https://www.standard.co.uk/tech/ser...r-chip-security-flaw-discovered-a3731511.html
http://indianexpress.com/article/te...s-billions-of-pcs-everything-to-know-5010874/

Terrific!!
 
In fairness I first saw it in the IMac Pro thread courtesy of @combat squirrel and thought I'd start a dedicated thread.
 
I am sure they will be a comedy law suit from the gamers out there demanding compensation for slowing the world of war down.
 
neil_g said:
Applied patch to W10. No noticeable performance hit so far.
Click to expand...

Not showing as available in Settings > Update & Security on my laptop ... best to wait or do something manually?
 
neil_g said:
Applied patch to W10. No noticeable performance hit so far.
Click to expand...

Are you playing world of light? or some other MMO game on hyper ultra with a 96 inch screen tho?
 
I thought this has a much bigger effect on cloud based and servers than gaming and usual processing.
 
If the patch degrades performance (I'm guessing on older machines) can it be removed and PC/Laptop returned to previous state or is it a one way ticket?
Matt
 
gramps said:
Not showing as available in Settings > Update & Security on my laptop ... best to wait or do something manually?
Click to expand...

Being phased via win updates. No immediate urgency to Install I was just curious. If you really feel inclined..

https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892

MatBin said:
If the patch degrades performance (I'm guessing on older machines) can it be removed and PC/Laptop returned to previous state or is it a one way ticket?
Matt
Click to expand...

Even if you did uninstall it, you'd probably get it back automatically later. Plus do you really want an open vulnerability on your system?
 
neil_g said:
Being phased via win updates. No immediate urgency to Install I was just curious. If you really feel inclined..

https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892



Even if you did uninstall it, you'd probably get it back automatically later. Plus do you really want an open vulnerability on your system?
Click to expand...
From what I read it's been vulnerable for years? If it degrades performance to the point of being unusable its time for a new machine anyway.
Does it affect Android tablets?
 
MatBin said:
From what I read it's been vulnerable for years? If it degrades performance to the point of being unusable its time for a new machine anyway.
Does it affect Android tablets?
Click to expand...
But not known about. Now it's known expect exploit attempts.

Like I said, desktop wise the patch isn't noticeable here.
 
Mr Bump said:
I am sure they will be a comedy law suit from the gamers out there demanding compensation for slowing the world of war down.
Click to expand...
It's more likely to come from large corporations who find they have to increase the size / power / cooling of their datacentres by a percentage to maintain performance / capacity for growth.
I've seen comments that SQL can show 20% degradation in benchmarks.
I suspect that you can almost guarantee that the really big players in the cloud world have already had discussions and that an arrangement will have been made.
 
LC2 said:
It's more likely to come from large corporations who find they have to increase the size / power / cooling of their datacentres by a percentage to maintain performance / capacity for growth.
I've seen comments that SQL can show 20% degradation in benchmarks.
I suspect that you can almost guarantee that the really big players in the cloud world have already had discussions and that an arrangement will have been made.
Click to expand...
Indeed. It'll be mostly servers rather than desktops that'll be effected.
 
LC2 said:
It's more likely to come from large corporations who find they have to increase the size / power / cooling of their datacentres by a percentage to maintain performance / capacity for growth.
I've seen comments that SQL can show 20% degradation in benchmarks.
I suspect that you can almost guarantee that the really big players in the cloud world have already had discussions and that an arrangement will have been made.
Click to expand...

I am not so sure about that as remember most of the data centre stuff is virtualised with no access to the physical CPU and hence the exploit. @neil_g might be able to offer more but as a VMware VCP my thoughts are people like VMware will only need to patch the software kernel, the physical kernel should remain as is?
 
I believe this works through virtual machines too.
 
ancient_mariner said:
I believe this works through virtual machines too.
Click to expand...

I've read the same thing, apparently the leak can make information processed from within the VM accessible from the host.

I'm guessing shielded VM's are also probably vulnerable?
 
Exact nature of workload will determine the amount of CPU degredation.
Expect to see it more for I/O intensive work, for instance.

We are expect to see it most on our virtualisation platforms and database servers/storage clusters.
 
It still melts my head how a chip "defect" can cause this. But I do find the Beeb's anti Apple spin on this hilarious:

http://www.bbc.co.uk/news/technology-42575033

The article does make it clear that this affects, well, everything (except the Apple Watch) but the headline on the front page of their website is all about the Cupertino boys. Right down to the bit where M$ releases "fixes" and Apple try their best with "mitigations".

FWIW I just checked my version and apparently my iMac was patched days ago.
 
Some mention was made as to 'it affects all intel chips from last 10 years.....'

Have they produced a list of the affected processors? FWIW my desktop has the i5 four core from I cannot recall when I bought the parts and built it :lol:
 
Much as I am sure a lot is being made of this flaw I assume the AV and Anti Malware folk will be Al over this exploit so in reality if you are patched up shortly what really are the risks?
 
Mr Bump said:
I am not so sure about that as remember most of the data centre stuff is virtualised with no access to the physical CPU and hence the exploit. @neil_g might be able to offer more but as a VMware VCP my thoughts are people like VMware will only need to patch the software kernel, the physical kernel should remain as is?
Click to expand...
VMware seem to have confirmed that meltdown is not a problem. Spectre on the other hand..
 
neil_g said:
But not known about. Now it's known expect exploit attempts.

Like I said, desktop wise the patch isn't noticeable here.
Click to expand...
It's an interesting bug, and as I read the advisories and POC code it seems to me that on it's own it isn't a vulnerability for malware to get on to a system from an external attacker, but gives greater possibilities for what an unprivileged local attacker can do or malware once it's already there. I'm leaving out what it means for hypervisors , shared servers etc in this context and looking at a "home user" environment.

Had a bit of a panic first thing yesterday as I read the separate announces from Xen and from Microsoft as my code forces a lot of kernel context switches (tens of thousands in a short time) but forced the patch to be installed and no noticable effect at all - everything still works and speed unaffected. Fairly big sigh of relief at that point with about half a million end user sites running variants of the same code.
 
gramps said:
Not showing as available in Settings > Update & Security on my laptop ... best to wait or do something manually?
Click to expand...
One other thing to note on this is to check for your antivirus vendors advice regarding the patch.

The update will not be downloaded without a registry key issued by your av to say it is compatible with the patch. Patching without confirmation of your av compatibility may lead to system issues.
 
neil_g said:
VMware seem to have confirmed that meltdown is not a problem. Spectre on the other hand..
Click to expand...

yeah that is my information as it is not possible for a process inside a VM to get access to the physical CPU hardware.

Also the Software Kernal is not the same as a physical intel chip so their are a great deal of differences.

I would imagine it will be the same for AMD and VMWARE but I suspect they will be taking their time on this.
VMWARE do not rush any patches out until they are happy they are rock solid.
 
Box Brownie said:
Some mention was made as to 'it affects all intel chips from last 10 years.....'

Have they produced a list of the affected processors? FWIW my desktop has the i5 four core from I cannot recall when I bought the parts and built it :LOL:
Click to expand...

Everything since Pentiums is my understanding.

For those that like more detail, The Register (for those that can stand reading it, I know some don't like it :) ) has more information on Meltdown, Spectre, AMD, Intel, ARM, VMware etc. - http://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/
 
As a W10 user all round I am happy this will be patched pretty quick.
I would be worried if I was still on W7 or even XP though.
 
Also note from Ms..

Warning

Customers who only install the Windows January 2018 security updates will not receive the benefit of all known protections against the vulnerabilities. In addition to installing the January security updates, a processor microcode, or firmware, update is required. This should be available through your device manufacturer.


Note Surface customers will receive a microcode update via Windows update.
Click to expand...

So you'll need updates from hardware vendors too.
 
neil_g said:
Also note from Ms..



So you'll need updates from hardware vendors too.
Click to expand...

So will that be Intel supplying such microcode update or the motherboard manufacturers???

My motherboard is a few years old and it's most recent firmware updates within 2 years of buying it and there have none since!

Is this combination of both MS update to mitigate for OS ramifications the MS advised hardware maker update becoming a blame game???
 
Box Brownie said:
So will that be Intel supplying such microcode update or the motherboard manufacturers???

My motherboard is a few years old and it's most recent firmware updates within 2 years of buying it and there have none since!

Is this combination of both MS update to mitigate for OS ramifications the MS advised hardware maker update becoming a blame game???
Click to expand...
I suspect no one really knows at the moment.
Whilst meltdown seems to be a known quantity, and spectre2 also resolvable (but harder), spectre1 is still a guessing game from what I've read (albeit much harder to exploit).
I wonder who is going to be the first to speculate that this flaw was at the behest of the NSA ;)

I see no one on here has mentioned this:
https://www.cnbc.com/2018/01/04/int...lready-knew-about-massive-security-flaws.html
 
You must log in or register to reply here.
Back
Top