'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Discussion in 'other security issues & news' started by Minimalist, Jan 2, 2018.

  1. plat1098

    plat1098 Guest

  2. mary7

    mary7 Registered Member

    Joined:
    Oct 17, 2017
    Posts:
    57
    Location:
    Italy
    re do with version 1.0.4 so for meltdown is patched,for spectre no because of microcode
     

    Attached Files:

    • 1.PNG
      1.PNG
      File size:
      17 KB
      Views:
      21
    Last edited: Jan 7, 2018
  3. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
    The website test doesn't show if your computer is vulnerable or not!!

    Correct:
    https://twitter.com/MichalPurzynski/status/949943285551788032
     
  4. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
  5. daman1

    daman1 Registered Member

    Joined:
    Mar 27, 2009
    Posts:
    1,292
    Location:
    USA, MICHIGAN
    So it looks like I'm good, yes? no? o_O
     

    Attached Files:

  6. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,001
    Location:
    Member state of European Union
    @mary7
    I don't know Safe Money, but I have some recomendations.
    If one want to login into bank account I would recommend following steps to mitigate risk of leaking cookies (aside NoScript) by Spectre attack.
    1. Exit browsers
    2. Run browser again (it may be Safe money), but with only one tab: your bank login page.
    3. Don't open any other tabs until you complete transaction.
    4. Logout
    5. Go to "about:blank" page. Delete cookies (Ctrl-Shift-Delete shortcut)

    Of course update your firmware (or other way to update microcode), OS, browser and other apps and follow other trustworthy recommendations to mitigate Spectre.
     
  7. plat1098

    plat1098 Guest

    Machines here also read as still "vulnerable" to Spectre but I'll wait for Lenovo to issue the mitigation for that. So far, there is none available but reportedly it's not as dire as Meltdown. I made certain to apply every chipset, BIOS and firmware update via Lenovo, as well as the Windows kb4056892. Unless Intel provides replacement CPUs (yeah right), that's the extent of it, applying all available software and firmware mitigations.
     
  8. Infected

    Infected Registered Member

    Joined:
    Feb 9, 2015
    Posts:
    1,134
  9. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
  10. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,001
    Location:
    Member state of European Union
    From the context from Linux kernel docs and VMware tool for Windows I infer that it must be loaded every time CPU is powered down.
    1. Shutdown, then turn on -> needs to be loaded again
    2. Reboot -> needs to be loaded again
    3. Sleep -> probably needs to be loaded again
     
  11. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    I assume this means via the processor driver. Somewhat shown by prior posting of VMWare driver doing likewise.
     
  12. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Also an interesting point in regards to the VMWare driver installation instructions:
    https://labs.vmware.com/flings/vmware-cpu-microcode-update-driver#instructions

    This implies the following:

    1. The VMWare driver only supports Intel firmware updating.
    2. You can update an AMD processor microcode with an Intel firmware update?
     
  13. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    599
    Location:
    UK
    It isn't permanent. Its loaded into the kernel using a driver on startup up. If you boot some other OS (say a recovery drive) the CPU microcode version stays at the level of the BIOS/UEFI code.
    This can be done using the VMware Microcode Update Driver. I don't know of another way to do it.

    If you go down this route and subsequently get a bios update you can easily uninstall the driver.

    At the moment though Intel haven't released an appropriate "microcode.dat" file to mitigate these bugs, though binary microcode data has been issued to some manufacturers and linux distros.
    They will probably update this file for older linux distros at some point, then the file can be downloaded (it's the linux file that is used, even for windows). If they don't update the file it will be because
    they would rather people buy new systems/CPUs so we'll see.
     
  14. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    599
    Location:
    UK
    No both are supported. To install AMD microcode you need the AMD microcode file and an "empty" intel microcode.dat file.
    The installer checks both files are present but only installs the right one for your system. This is crazy and lazy code but it does work. You can hack the install.bat script and make one that's specific to your CPU type if you know what you are doing.
     
  15. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    What Didier Stevens wrote to me:

     
  16. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
  17. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,342
    Location:
    Italy
    Last edited: Jan 7, 2018
  18. porrkanon

    porrkanon Registered Member

    Joined:
    Mar 29, 2014
    Posts:
    57
    what if you have (like ive had for years ) a separate firefox profile for banking. no other site has ever been loaded in that profile
     
  19. mary7

    mary7 Registered Member

    Joined:
    Oct 17, 2017
    Posts:
    57
    Location:
    Italy
    I have anonymus browsing so The browser doesn t Save cookies or site cache, si correct?
     
  20. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    @Mister X previously posted KB4058702 needs to be installed prior to KB4056892. I did install KB4056892 first and didn't have any issues. But I also have an AMD processor that might be the reason their are no issues. In any case and to play it safe, I uninstalled KB4056892 and then reinstalled it.

    Ref.: http://windowsreport.com/kb4056892-issues/ - appears you are far from alone.
     
    Last edited: Jan 7, 2018
  21. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,001
    Location:
    Member state of European Union
    By default it saves, but it deletes it sooner. You probably would not login into bank account with cookies completely disabled.

    My primary point is: don't use more than one tab in browser (like in old days when there were not tabs in browsers) if you are doing something that needs extra security such as logging to bank account.
    You can also have separate Firefox profile for profiles as porrkanon said. In that approach you could even whitelist bank domains , but I didn't do that, so I don't know whether there is such addon for whitelisting.
     
  22. guest

    guest Guest

    Owners of an ASUS motherboard can have a look at the following page to see if a BIOS update is available:

    ASUS Motherboards Microcode Update for Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method
    January 5, 2018
     
  23. Special

    Special Registered Member

    Joined:
    Mar 23, 2016
    Posts:
    454
    Location:
    .
    Guess my Asus P8Z77-V LK Motherboard is boned eh?
     
  24. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    5,554
    Location:
    USA still the best. But barely.
    I just thought, this is a genius idea to sell new hardware.

    Now that the 3letters other ways to know everything.

    These "flaws" don't need to be kept secret.
     
  25. B-boy/StyLe/

    B-boy/StyLe/ Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    510
    Location:
    Bulgaria
    Usually this warning means the system is not protected regarding the instructions on the site:

    I had the same error before I applied the patch for 8.1 x64.

    Now I am seeing this:

    http://i.imgur.com/vQF0tIe.png
    http://i.imgur.com/WiFa6Y6.png
    and I am waiting for the microcode update.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.