
Your Computer Processor is at Risk Round-Up: Meltdown and Spectre CPU Flaws Affecting Most Intel, ARM, AMD Processors

gbhackers.com

Wisdom Commentary:

The following round-up of articles reveals hidden vulnerabilities that affect most computers.

Almost all processors are affected. The vulnerability has existed in modern processors since 1995 and resides in “speculative execution,” a technique used for processor optimization.

The hardware bugs Meltdown and Spectre allow an attacker to steal data that is currently being processed on a computer, including personal photos, email, password managers, instant messages, and sensitive documents.

Two vulnerabilities, released today by Google Project Zero, may affect all major CPUs, including those from AMD, ARM, and Intel, threatening virtually any PC, laptop, tablet, and smartphone, regardless of manufacturer or operating system.

These hardware vulnerabilities are divided into two attacks, named Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715), that could allow an attacker to steal sensitive data that is currently being processed on the computer.

Both attacks leverage what is known as “speculative execution,” a technique that most modern CPUs use to optimize performance.

However, speculative execution has “a side effect that cannot be recovered when CPU status is released and can result in information leakage,” which can be accessed through side-channel attacks.

Meltdown uses speculative execution to break the isolation between user applications and the operating system, allowing any application to access all system memory, including memory allocated for the kernel.
Meltdown exploits a privilege escalation vulnerability specific to Intel processors, in which speculatively executed instructions bypass memory protection.

Unlike the initial reports suggested about Intel chips being vulnerable to some severe ‘memory leaking’ flaws, full technical details about the vulnerabilities have now emerged, which revealed that almost every modern processor since 1995 is vulnerable to the issues. Disclosed today by Google Project Zero, the vulnerabilities potentially impact all major CPUs, including those from AMD, …

‘Kernel memory leaking’ Intel processor design flaw forces Linux, Windows redesign

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

Other OSes will need an update, performance hits loom. A fundamental design flaw in Intel’s processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

 

If you would like to receive more of these curated news alerts, subscribe to my mailing list, and come back soon to https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Commentaries.

Read the following related article on chip flaw impacts:

There’s one big problem, however. Fixing this vulnerability in software also comes with a big hit on performance. Additional overhead is introduced to maintain a barrier between memory address spaces, which can result in a performance handicap of 30 percent or more. However, recent Intel processors with PCID (Process-Context Identifiers) enabled could have the performance impact lessened somewhat.

Huge Intel CPU Bug Allegedly Causes Kernel Memory Leak With Up To 30% Performance Hit

https://hothardware.com/news/intel-cpu-bug-kernel-memory-isolation-linux-windows-macos

We should note that squashing the bug requires a patch at the OS level; and Linux patches have already been distributed (with redacted comments). Microsoft is expected to address the bug in its monthly Patch Tuesday update. The circumstances surrounding the exploit are currently under embargo, but some details are starting to make their way to the public spotlight, thanks to reporting over at Python Sweetness and The Register. In a nutshell, the bug allows everyday programs to “illegally” access certain contents in protected kernel memory. The “fix”, so to speak, is to implement Kernel Page Table Isolation (PTI), which, for all intents and purposes, makes the kernel invisible to running processes. In a perfect world, such training wheels shouldn’t be needed to isolate the kernel, but software patches that are nearing release for Windows, Linux and macOS systems will address the exploit head-on. There’s one big problem, however. Fixing this problem in software also comes with a big hit in performance. Additional overhead is introduced to keep a barrier between address spaces, which can result in a performance handicap of 30 percent or more. However, recent Intel processors with PCID (Process-Context Identifiers) enabled could have the performance impact lessened somewhat. The hardware bug…

 

Intel CPU kernel bug FAQ: Fix for massive security flaw could slow down PCs and Macs

https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html

A nasty kernel bug has been discovered in Intel processors that could lead to serious slowdowns in PCs and Macs. Here’s what we know about it so far…


Summary:

Memory isolation mechanisms found in modern computer systems should normally prevent applications from reading or writing to kernel memory or accessing the memory of other programs. However, the Meltdown and Spectre attacks bypass these protections. Meltdown undermines the separation between user applications and the operating system, allowing an attacker to access memory and extract secret information from other programs and the operating system.

It breaks all the security assumptions provided by address space isolation and paravirtualized environments, and with them every security mechanism built on top of that foundation. No software bug is involved.

Spectre breaks the isolation between applications, allowing attackers to trick legitimate apps into revealing their secrets.

Spectre attacks involve inducing a victim to speculatively perform operations that would not occur during correct program execution and that leak the victim’s confidential information to the adversary through a side channel.

These attacks apply to mobile devices, PCs, and cloud infrastructure, cloud providers included.

The attacks themselves are hard for antivirus software to detect, but antivirus may detect malware that uses these attacks by comparing binaries.

Meltdown affects desktops, laptops and cloud computers, and every processor since 1995, with the exception of Intel Itanium and Intel Atom processors prior to 2013. At this time researchers have tested this vulnerability only on Intel processors; ARM and AMD processors have not been tested.

Spectre affects laptops, smartphones, desktops, and cloud servers, including systems that hold cloud-based data, and applies to all modern processors from Intel, AMD, and ARM.

Nearly Every CPU’s Since 1995 are Vulnerable to “Meltdown” and “Spectre” Attacks

https://gbhackers.com/meltdown-spectre-attacks/

A critical vulnerability published by Google affects almost all processors since 1995. The vulnerability resides in “speculative execution,” a technique used by modern processors for processor optimization. The hardware bugs Meltdown and Spectre allow an attacker to steal the data that is currently processed on the computer; it includes the process of personal photos,…

 

Mitigations Prepared for Critical Flaw in Intel CPUs

http://www.securityweek.com/mitigations-prepared-critical-flaw-intel-cpus

Researchers have apparently discovered a serious vulnerability affecting all Intel CPUs. Software-level mitigations have already been developed, but they could cause significant performance penalties.

Intel, AMD Chip Vulnerabilities Put Billions of Devices at Risk

http://www.securityweek.com/intel-amd-chip-vulnerabilities-put-billions-devices-risk

Details of “Meltdown” and “Spectre” Attacks Against Intel and AMD Chips Disclosed

This means malicious programs can potentially, in a worst case scenario, read the contents of the kernel memory, which can include information like passwords, login keys, and more. It’s not yet clear how severe the bug is, but The Register speculates that it’s significant given the rapid changes being made to Windows and Linux.

At worst, the hole could be abused by programs and logged-in users to read the contents of the kernel’s memory. Suffice to say, this is not great. The kernel’s memory space is hidden from user processes and programs because it may contain all sorts of secrets, such as passwords, login keys, files cached from disk, and so on. Imagine a piece of JavaScript running in a browser, or malicious software running on a shared public cloud server, able to sniff sensitive kernel-protected data.

To fix the bug, the kernel’s memory needs to be isolated from user processes using Kernel Page Table Isolation, which could cause a performance hit on some machines. According to The Register, Linux and Windows machines will see a 5 to 30 percent slowdown once the fix is in place.

It’s not yet clear how Macs will be impacted, as there is little information available at this time. Software updates are in the works for Linux and Windows, and though not mentioned, Apple is also likely working on a fix for the issue.

Full details on what’s known about the vulnerability can be found at The Register, and additional information will be available later this month when complete details on the design flaw are shared.

Intel Chips Have ‘Kernel Memory Leaking’ Design Flaw and Fix Could Lead to Performance Drop

https://www.macrumors.com/2018/01/02/intel-chip-design-flaw/

A serious design flaw and security vulnerability has been discovered in Intel’s CPUs that will require an update at the operating system level to fix, reports The Register. All modern computers with Intel chips from the last 10 years appear to be affected, including those running Windows, Linux, and macOS. Similar operating systems, such as Apple’s 64-bit macOS, will also need to be updated – the flaw is in the Intel x86 hardware, and it appears a microcode update can’t address it. It has to be fixed in software at the OS level, or go buy a new processor without the design blunder. Full details on the vulnerability aren’t yet known as the information is currently under embargo until later in the month. The Register has unearthed some data, however, and it seems the bug allows normal user programs to see some of the contents of the protected kernel memory. This means malicious programs can potentially, in a worst case scenario, read the contents of the kernel memory, which can include information like passwords, login keys, and more. It’s not yet clear how severe the bug is, but The Register speculates that it’s significant given the rapid changes being made to Windows and…

Possible Remedy:

“The fix is to separate the kernel’s memory completely from user processes using what’s called Kernel Page Table Isolation, or KPTI. These KPTI patches move the kernel into a completely separate address space, so it’s not just invisible to a running process, it’s not even there at all. Really, this shouldn’t be needed, but clearly there is a flaw in Intel’s silicon that allows kernel access protections to be bypassed in some way.”

In theory, this vulnerability could be exploited to defeat the kernel address space layout randomization protection (KASLR), allowing malware to place – and later find and make use of – components in the kernel’s virtual memory. Also, it might be possible for malicious programs to read the contents of the kernel’s memory, and thus gain access to passwords and other sensitive data.

The reporters also pointed to an explanation offered by AMD software engineer Tom Lendacky on why AMD processors are not affected by this flaw, and posted that the underlying problem might be in the Intel processors’ use of speculative execution.

The Register reports that “Programmers are scrambling to overhaul the open-source Linux kernel’s virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.”

The tech site added, “Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products.”
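A host-side check for the KPTI fix and the PCID note discussed above, as an added example that is not part of the original articles. It assumes an x86 Linux host whose kernel reports mitigation status under /sys/devices/system/cpu/vulnerabilities/ and lists the pti and pcid flags in /proc/cpuinfo; the function names and the sample input are constructed for illustration.

```python
# Added example (not from the original articles): summarize Meltdown/Spectre
# mitigation state from the status files an x86 Linux kernel exposes.
from pathlib import Path

SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
# CVE ids named in the article -> sysfs status file names
CVE_FILES = {"CVE-2017-5754": "meltdown", "CVE-2017-5753": "spectre_v1",
             "CVE-2017-5715": "spectre_v2"}
# Constructed sample input so the example runs offline on any machine.
SAMPLE_STATUSES = {"meltdown": "Mitigation: PTI\n", "spectre_v2": "Vulnerable\n",
                   "spectre_v1": "Mitigation: __user pointer sanitization\n"}
SAMPLE_CPUINFO = "model name\t: Example CPU\nflags\t\t: fpu vme pcid sse4_2 pti\n"

def cpu_flags(cpuinfo_text):
    """Return the feature flags of the first CPU listed in /proc/cpuinfo text."""
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags":  # exact match skips lines such as "vmx flags"
            return set(value.split())
    return set()

def classify(status):
    """Reduce a sysfs status string to a coarse state; None means file absent."""
    text = (status or "").strip()
    for prefix, state in (("Not affected", "not_affected"),
                          ("Mitigation", "mitigated"),
                          ("Vulnerable", "vulnerable")):
        if text.startswith(prefix):
            return state
    return "unknown"  # kernel too old to report, or unrecognized text

def assess(statuses, cpuinfo_text):
    """Build a per-CVE report plus the KPTI and PCID facts the article discusses."""
    flags = cpu_flags(cpuinfo_text)
    report = {cve: classify(statuses.get(name)) for cve, name in CVE_FILES.items()}
    meltdown = (statuses.get("meltdown") or "").strip()
    report["kpti_active"] = "pti" in flags or meltdown.startswith("Mitigation: PTI")
    report["pcid_available"] = "pcid" in flags  # PCID lessens the KPTI slowdown
    return report

def read_host():
    """Assess the real files when present; missing files are simply skipped."""
    statuses = {n: (SYSFS_DIR / n).read_text() for n in CVE_FILES.values()
                if (SYSFS_DIR / n).is_file()}
    cpuinfo = Path("/proc/cpuinfo")
    return assess(statuses, cpuinfo.read_text() if cpuinfo.is_file() else "")

if __name__ == "__main__":
    print(assess(SAMPLE_STATUSES, SAMPLE_CPUINFO))
```

Call read_host() on a live system; an "unknown" result for every CVE usually means the kernel predates the status interface and therefore the patches.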

Upcoming patches for security flaw in Intel processors expected to slow down computers

https://www.helpnetsecurity.com/2018/01/03/patches-security-flaw-intel-processors/

Windows users whose PCs run on Intel processors can apparently expect their computers to slow down after next Tuesday. In fact, all computers using modern Intel chips – whether they run Windows, Linux or macOS – are expected to suffer a performance hit in the coming days. The reason for this unwelcome change is a fundamental design flaw discovered in Intel’s processor chips, more specifically in the Intel x86-64 hardware, which will have to be …
