All Intel processors affected by memory leaking vulnerability

ClementChong

Senior Member
Deluxe Member
Joined
Sep 10, 2002
Messages
824
Reaction score
14
In addition to the Microsoft's 3 January Patch, I have modified my motherboard's BIOS to include the latest CPU microcode.
So far, Intel has released microcode update for Haswell, Broadwell, Skylake, Kaby Lake, Coffee Lake.

PS C:\Windows\system32> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID performance optimization is enabled: True [not required for security]


BTIHardwarePresent : True
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : True
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
KVAShadowRequired : True
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : True
KVAShadowPcidEnabled : True
 

gld998

High Supremacy Member
Joined
Feb 21, 2008
Messages
36,619
Reaction score
1,271
FML... I got over 300 physical servers to patch.. TQ Intel!! :(
 

ArcticCheetah

Banned
Joined
Apr 16, 2009
Messages
36,000
Reaction score
2,088
Spectre is more like a PR spin for Intel to distract the dumb pple.
Just like how certain groups like to drum up small issues to distract the blame.
The crazy bug is Meltdown not Spectre, NO SANE Processor should leak privileged kernel mode memory to userspace.
Branch prediction need to check address spaces before doing attempting speculative execution and returning the data to the cpu cache.
Meltdown turn Intel Processor to the days where there is zero memory protection
 

Kairos

Senior Member
Joined
Jul 3, 2009
Messages
2,252
Reaction score
63
Correct me if I am wrong. :o


Spectre Variant 1: Bounds Check Bypass

>> Solution: Need a new designed CPU


Spectre Variant 2: Branch Target Injection

>> Solution: KB4056892 and new BIOS/DIY


Meltdown: Rogue Data Cache Load

>> Solution: KB4056892
 

ClementChong

Senior Member
Deluxe Member
Joined
Sep 10, 2002
Messages
824
Reaction score
14
Correct me if I am wrong. :o


Spectre Variant 1: Bounds Check Bypass

>> Solution: Need a new designed CPU


Spectre Variant 2: Branch Target Injection

>> Solution: KB4056892 and new BIOS/DIY


Meltdown: Rogue Data Cache Load

>> Solution: KB4056892

Spectre Variant 1: Software fix (low performance impact), no need for new CPU.
Spectre Variant 2: Software fix plus CPU microcode update (For those CPUs older than Haswell, you are out of luck for now).
Meltdown: Software workaround (performance impact can be high on certain types of workload), AMD CPUs not affected so no performance impact for AMD.
 

chong

Supremacy Member
Joined
Jan 1, 2000
Messages
5,037
Reaction score
35
In addition to the Microsoft's 3 January Patch, I have modified my motherboard's BIOS to include the latest CPU microcode.
So far, Intel has released microcode update for Haswell, Broadwell, Skylake, Kaby Lake, Coffee Lake.

PS C:\Windows\system32> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID performance optimization is enabled: True [not required for security]


BTIHardwarePresent : True
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : True
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : False
KVAShadowRequired : True
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : True
KVAShadowPcidEnabled : True

I guess from your sig that you're running Broadwell, but are you getting WHEA errors after the microcode update like these guys on Haswell?

http://www.overclock.net/t/1645289/...spectre-performance-and-stability-differences
 

greenbubble

High Supremacy Member
Joined
Jan 1, 2000
Messages
35,193
Reaction score
2,148
Good news for Intel. There will be a wave of pc/server replacement due to the performance penalty.
 

Gattberserk

Arch-Supremacy Member
Joined
Jan 26, 2008
Messages
10,312
Reaction score
669
Intel CEO has inside intel for being inside intel and sold of 24 Million worth of stock in november.

Google has informed Intel months before it's CEO decided to get rid of part of his shares. And finally the bug came to light and intel's stock prices plummet...

Intel is as shady as ever. This is basically insider trading and highly illegal.

On the other hand, Microsoft patch has been pushed out. Intel need to push out a firmware update to fix the issue completely. There seem to be no performance hit on games according to recent Hardware Unboxed youtube video testing the latest patch on Intel's i7-8700K.

The problem is that Intel CEO play by the rule (in fact exploit on its loophole) and hence isnt guilty of Insider trading. He did wait till 90 days before selling his stock and that is why Intel has been tight tipped about it till now lol.
 

haylui

High Supremacy Member
Joined
Jul 18, 2006
Messages
29,806
Reaction score
92
Spectre is more like a PR spin for Intel to distract the dumb pple.
Just like how certain groups like to drum up small issues to distract the blame.
The crazy bug is Meltdown not Spectre, NO SANE Processor should leak privileged kernel mode memory to userspace.
Branch prediction need to check address spaces before doing attempting speculative execution and returning the data to the cpu cache.
Meltdown turn Intel Processor to the days where there is zero memory protection


Now many people believe that PR. Even other company released statement and result on tests, still not as strong as Intel one.
 

watzup_ken

High Supremacy Member
Joined
Nov 21, 2003
Messages
25,491
Reaction score
1,930
The problem is that Intel CEO play by the rule (in fact exploit on its loophole) and hence isnt guilty of Insider trading. He did wait till 90 days before selling his stock and that is why Intel has been tight tipped about it till now lol.

He did, but with facts showing that he already knew about these exploits from Google prior to him dumping his shares could shine a new light on whether he is guilty of insider trading or not. Not to mentioned he sold everything, just the minimal number of shares required. That sounds real shady to me.
 

ClementChong

Senior Member
Deluxe Member
Joined
Sep 10, 2002
Messages
824
Reaction score
14
meanwhile..

asrock never acknowledges SA-00086 on anything older than skylake bah :crazy:

AFAIK, for those older than Skylake CPUs, you are only impacted if the motherboard is using the 5MB ME firmware, most consumer retail motherboards are using the 1.5MB ME firmware.

I think you could also temporarily workaround the issue by using a 3rd party add-on NIC card instead and disable the onboard NIC (if ME cannot listen on 3rd party NIC then no remote exploit can be performed).
 
Important Forum Advisory Note
This forum is moderated by volunteer moderators who will react only to members' feedback on posts. Moderators are not employees or representatives of HWZ. Forum members and moderators are responsible for their own posts.

Please refer to our Community Guidelines and Standards, Terms of Service and Member T&Cs for more information.
Top