'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

That tool says this machine is not vulnerable. Two more to check.

 

The tool posted by @NICK ADSL UK is about a different, older vulnerability.

 

Ah, OK. Well my two older machines are OK by that tool but my newer machine is still vulnerable.

 

This is going to have a huge impact on OEMs. Why would they stay with Intel after this and on the heels of the IME/AMT fiasco ? Public perception, even if it is only the most informed users, is going to impact sales. Consumers are not Intel's largest market, but the enterprise is. Bad timing to have this revealed as it is only two years before enterprises have to go W10 or face Microsoft's wrath. Enterprises are buying workstations in the thousands.

Secondly, if this patch results in a relatively new Intel based system suffering a 30% performance hit, just imagine how much fun that is going to be when the coin miners pile on. It will be a basically unusable system. Money circling the drain.

 

Link: https://meltdownattack.com/

 

If this affects gamers I expect holy **** to rain down upon Intel.

 

True. Although the perf hit may not be so bad if the cpu supports PCID feature. I used Sysinternals CoreInfo CLI app to determine this on my ultrabook.

 

Consumer guidance here: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

It's quite detailed. Some minor info on perf:

 

Chrome/Chromium browser related take on mitigation efforts...

Actions Required to Mitigate Speculative Side-Channel Attack Techniques
Link: https://www.chromium.org/Home/chromium-security/ssca

 

Firefox mitigations: https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/

 

A clear and concise explanation
https://meltdownattack.com/

Meltdown and Spectre

Meltdown
"every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013)."

Spectre
"Almost every system is affected by Spectre: Desktops, Laptops, Cloud Servers, as well as Smartphones. More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, we have verified Spectre on Intel, AMD, and ARM processors."

 

SpecuCheck by Alex Ionescu

SpecuCheck is a Windows utility for checking the state of the software mitigations against CVE-2017-5754 (Meltdown) and hardware mitigations against CVE-2017-5715 (Spectre)

Link: https://github.com/ionescu007/SpecuCheck

 

"Serious Intel CPU design flaw may require a Windows patch, but probably won't affect gaming performance

The fix can hurt performance in specific scenarios, but your frame rates will likely stay high..."

http://www.pcgamer.com/serious-inte...-but-probably-wont-affect-gaming-performance/

 

"...Spectre, affects most processors now in use, though the researchers believe this flaw is more difficult to exploit. There is no known fix for it, and it is not clear what chip makers like Intel will do to address the problem...

Spectre is a problem in the fundamental way processors are designed, and the threat from Spectre is 'going to live with us for decades,' said Mr. Kocher, the president and chief scientist at Cryptography Research, a division of Rambus...

'Whereas Meltdown is an urgent crisis, Spectre affects virtually all fast microprocessors,' Mr. Kocher said. An emphasis on speed while designing new chips has left them vulnerable to security issues, he said...

A fix may not be available for Spectre until a new generation of chips hit the market.

'This will be a festering problem over hardware life cycles. It’s not going to change tomorrow or the day after,..' ”

https://www.nytimes.com/2018/01/03/...column-region&region=top-news&WT.nav=top-news

 

"...Microsoft, which uses Intel chips said it would roll out security updates on Thursday [for Meltdown], adding it had no information suggesting any compromised data..."

http://www.bbc.com/news/technology-42561169

 

Lotsa good info here:

https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

M$ to issue a patch in its next Tuesday dump.

One area highly impacted is servers running in VM.

Two separate issues - Meltdown & Spectre - the former worse than the latter.

 

Depends how you look at it, meltdown can and will be mitigated at the OS. Spectre is reportedly harder to exploit but there is no known fix. Which one do you think hackers all over the world are right now working on?

 

That tool is available now.

https://github.com/ionescu007/SpecuCheck/releases

 

Excellent, thank you. Looks like the Microsoft patches worked for my machine and the hardware support is there too.

There is a Microsoft module for PowerShell that was just released but I can't get it to work. The tool by Alex seems more detailed anyhow.
MS tool: https://support.microsoft.com/en-us...or-it-pros-to-protect-against-speculative-exe

 

If I run SpeckuCheck.exe I see pop-ups but no output, dunno what I'm doing wrong ...

 

I haven't bothered because until I receive a patch I'm almost certain my machines are vulnerable.

 

I don't think so. History repeats itself.
https://marc.info/?l=openbsd-misc&m=118296441702631

 

I think it's a lie and once these patches are applied gamers are going to be ******.

 

These patches (maybe there be more later) are applied to Linux kernel and gaming performance doesn't changed. Phoronix done benchmarking using Steam games like CS:GO, Dota 2, F1 2017 on Gnu/Linux system.
https://www.phoronix.com/scan.php?page=news_item&px=x86-PTI-Initial-Gaming-Tests

Data centers are in worse situation, but they are not regular consumers.

 

Well, older is relative, I just meant to clarify that it is not the same vulnerability. It does indeed only affect newer CPU's.
More info in this thread, starting with post #6:
https://www.wilderssecurity.com/thr...roller-on-intel-chipsets.396385/#post-2720258