Thread: All Intel Processors Made in the Last Decade Might Have a Massive Security Flaw

Essentially, modern Intel processors have a design flaw that could allow malicious programs to read protected areas of a device’s kernel memory (memory dedicated to the most essential core components of an operating system and their interactions with system hardware). This flaw could potentially expose protected information like passwords. Since the error is baked into the Intel x86-64 hardware, it requires an OS-level overwrite to patch—on every major operating system, including Windows, Linux, and macOS.


https://www.theregister.co.uk/2018/0...u_design_flaw/

design flaw

...or maybe a design feature...

"Intel Israel's biggest contribution has been in the development of microprocessors, which are being used in a wide variety of products, for desktop, mobile, and workstation solutions," says Friedman. "We also do work on connectivity products and security technologies here, as well as development of digital devices."

August 2012:
Israel Inside: A history of Intel's R&D in Israel | ZDNet

Some researchers found a way to circumvent the OS on an Intel chip. Discovery disclosed to Intel before anyone has the chance to exploit the problem. The rest is just sensationalist journalism, something we seem to have to live with nowadays.

It's not just Intel, unfortunately.

It's a technique for predictive processing that leaves things vulnerable.

Yes, even that iShit is affected, as are AMD processors.

Everyone is releasing patches if they haven't done already, so if you're the sort of dimwit that never applies them carry on as normal.

Otherwise it will get mitigated as you update.

If you are using a third party AV, check that it is compatible with Microsoft or it might block the update.

Windows Meltdown-Spectre fix: How to check if your AV is blocking Microsoft patch | ZDNet

Meltdown is Intel specific, Spectre affects all processors. According to this:

Intel Chip Problem: Myth-busting the Meltdown and Spectre CPU flaws

They also say this:

Microsoft has released a compulsory maintenance update, dubbed the ‘Kaiser patch’, for Windows 10, designed to protect your computer from a major security flaw present in all modern Intel processors – in fact, virtually all microprocessors are thought to be affected. Worse still, there’s a chance the patch could cause your system’s performance to suffer.

Originally Posted by SKkin

Meltdown is Intel specific, Spectre affects all processors. According to this:

Intel Chip Problem: Myth-busting the Meltdown and Spectre CPU flaws

They also say this:

They're not wrong.

If you take away predictive processing, then it seems logical that things will slow down.

Having said that, people like Google and Amazon have said they haven't noticed any significant performance degradation, and I think they might have a few servers laying around...

Hmmmmm

Intel was hit the hardest by Spectre and Meltdown and the company’s stock lost 6 percent in value shortly after the disclosure. The company’s CEO, Brian Krzanich, sold all the stock he was legally allowed to, worth roughly $24 million, just before the news broke, which has raised insider trading concerns. Intel claims Krzanich had been planning on selling stock for months, but Intel has reportedly known about the vulnerabilities since April 2017.

https://www.us-cert.gov/ncas/alerts/TA18-004A

fucking safe here with my Pentium 133Mhz

also, fucking lab hackware, impossible to exploit in real life, all data centers ops are in full panic mode, I am being bombarded with alarmist emails from those fookers, for hundreds of my servers

fooking idiots, I am not patching

Originally Posted by Dragonfly

fucking safe here with my Pentium 133Mhz

also, fucking lab hackware, impossible to exploit in real life, all data centers ops are in full panic mode, I am being bombarded with alarmist emails from those fookers, for hundreds of my servers

fooking idiots, I am not patching

I think you're pretty safe Buttplug. You haven't got anything worth nicking apart your voluminous collected of perverted queer porn.

Originally Posted by harrybarracuda

You haven't got anything worth nicking apart your voluminous collected of perverted queer porn.

interesting that you'd consider that worth nicking.

Harry owned by his own words, he outed himself

don't worry harry, no need to hack any backdoor to get my gay porn, I will gladly share it for free

Originally Posted by raycarey

interesting that you'd consider that worth nicking.

Based on percentages alone, I'm pretty sure there are gay hackers. Probably even carpet munchers too.

Interesting that you picked up on this point though. See Buttplug's offer above for more.

Microsoft says older Windows versions will face greatest performance hits after Meltdown, Spectre patches

Windows 7 and Windows 8 users will notice the greatest decrease in system performance after the processor patches are applied.


Microsoft has confirmed that users of older versions of Windows should expect to "notice a decrease in system performance" after they apply system patches to protect against the Meltdown and Spectre processor bugs.


The bugs, which affect mostly Intel processors but also some ARM and AMD chips, expose the majority of the world's computers and phones to speculative execution side-channel attacks.


A successful attack could read portions of protected, sensitive memory, such as passwords and other secrets.


Microsoft released security updates on January 3 to fix the issue at the operating system level. Intel also issued updates for its microcode.


In changing the way that Windows accesses the computer's memory, Microsoft has conceded that users may experience performance hits -- depending on the age of their computer's processor and version of Windows.


Microsoft's Terry Myerson said in a blog post that Windows 7 and Windows 8 users running older processors, like 2015-era Haswell or older chips, will be most affected by performance issues.


That's because older versions of Windows have more user-kernel transitions, such as font rendering taking place in the kernel.


In a call Monday, Microsoft said there would be some scenarios where performance might noticeably change, such as longer boot times.


Windows 10 users also running older hardware may show "more significant slowdowns," with the company expecting "some users will notice a decrease in system performance."


But Windows 10 users running newer, 2016-era Skylake and Kabylake or later processors will be largely unscathed by any slowdowns, Microsoft said, "because these percentages are reflected in milliseconds."


The software giant has yet to publish benchmarks -- something it said will land in the coming weeks.


Intel said in a blog post, however, that the typical home and business PC user should not see significant slowdowns in common tasks such as reading email, writing a document or accessing digital photos."


If you haven't received the patches already, it's likely as a result of your antivirus blocking the updates.


Microsoft said this week that it won't deliver the Meltdown and Spectre patches, or future security updates, to customers if they're running third-party antivirus that aren't confirmed to be compatible with Windows.


It's understood that the company shut out Windows users with incompatible antivirus because of the risk to instability and blue-screen system crashes.


Third-party Windows antivirus products must set a Windows registry key for customers to receive the update via Windows Update. Many antivirus makers have said they will not make the necessary changes, however.

Microsoft says older Windows versions will face greatest performance hits after Meltdown, Spectre patches | ZDNet

awesome, I am safe with WinXP

another reason why upgrading is pointless

Originally Posted by Dragonfly

awesome, I am safe with WinXP

another reason why upgrading is pointless

No, it's just that no fucker is going to patch XP, they'll just leave the c u n t open you stupid boy.

The Linux community were mulling over naming the patch: "Forcefully Unmap Complete Kernel With Interrupt Trampolines"

No doubt there are attempts to exploit customers by getting them to update to new hardware...

Originally Posted by harrybarracuda

2015-era Haswell or older chips

So AMD processors won't be affected?

Originally Posted by harrybarracuda

Microsoft said this week that it won't deliver the Meltdown and Spectre patches, or future security updates, to customers if they're running third-party antivirus that aren't confirmed to be compatible with Windows.

douchebags...

Originally Posted by SKkin

So AMD processors won't be affected?

They are affected and apparently AMD have not done a brilliant job of providing patches because Microsoft are pulling them.

douchebags...

Huh?

Antivirus vendors working outside the APIs have been causing BSODs, so what's wrong with Microsoft telling them the fix their fucking code?

Originally Posted by Troy

The Linux community were mulling over naming the patch: "Forcefully Unmap Complete Kernel With Interrupt Trampolines"

No doubt there are attempts to exploit customers by getting them to update to new hardware...

Well who do you want exploiting you, INTEL/AMD/Apple or a Russian organised crime gang?

I suppose it's your choice really....

?The Linux vs Meltdown and Spectre battle continues | ZDNet

^^What hoops do the 3rd-party antivirus outfits have to jump through to be determined compatible with Windows?

Originally Posted by SKkin

^^What hoops do the 3rd-party antivirus outfits have to jump through to be determined compatible with Windows?

As far as I know they need to stop doing silly kernel calls, show Microsoft that they've done it and then drop the Registry key when they install.

https://docs.google.com/spreadsheets...it?usp=sharing

^I use avast, malwarebytes and windows defender...guess I'm good to go with my AMD processor.

AMD A4-7300 APU with Radeon HD Graphics

So far still working but I don't know if Windows automatically updated or not. Best to leave sleeping dogs lie maybe...