Tuesday, March 5th 2019

Spoiler Alert: New Security Vulnerability Found Affecting Intel CPUs

A new security vulnerability has been found that only affects Intel CPUs - AMD users need not be concerned about this issue. Dubbed Spoiler, the newfound security vulnerability was discovered by the Worcester Polytechnic Institute in partnership with the University of Lübeck, and affects all Intel CPUs since the introduction of their Core architecture. This vulnerability, too, affects Intel's speculative execution design and, according to the researchers, works independently of OS, virtual machine, or sandboxed environments.

As the researchers explain, Intel's speculative execution of certain memory workloads requires the full physical address bits of the information in memory to be known, which could make the full address available in user space, allowing for privilege escalation and other microarchitectural attacks. According to the researchers, a software solution to this problem is impossible, which means this is yet another silicon-level bug that needs to be addressed in future processor designs.
Source: White Paper

114 Comments on Spoiler Alert: New Security Vulnerability Found Affecting Intel CPUs

#26
John Naylor
yeeeeman said:
The people commenting here are just...out of this world. People still don't understand that these vulnerabilities don't have absolutely any importance to normal consumers. Who cares about your games and photos?
Agreed, I don't understand why this topic is sensationalized everywhere or why asking if any instance of consumers or enthusiasts being negatively impacted has ever been reported is prohibited.
Posted on Reply
#27
dicktracy
More reason to upgrade to Ice Lake
Posted on Reply
#28
moproblems99
John Naylor said:
this topic is sensationalized everywhere
In my opinion, it is great that security is finally getting highlighted. Now people will understand that 90% of businesses don't give two poos about protecting your data. This may not be a problem for consumers...until it is. Just remember the processors sitting in all those data centers holding all of your data. Then you find out that every piece of software and hardware you use on a daily basis makes Swiss cheese look like concrete because security and privacy is the first thing that gets thrown out the windows when the budget hammer comes down. Disgusting, frankly.

Truth be told, 9/10 users don't need to worry about this. Most of these attacks require people that actually know what they are doing. The morons will get sniffed out before they have a chance to do anything.
Posted on Reply
#29
windwhirl
I guess Intel engineers are probably feeling a bit like "OH ~$%&ING COME ON! $&@#! THIS @€$# AGAIN!? *$%#@!!"

That aside, considering what seems to be a never-ending parade of vulnerabilities, I'm wondering if Intel and AMD should consider investing heavily in R&D to maybe one day launch CPUs that do not rely on speculative execution to get work done fast. I know I'd do.
Posted on Reply
#30
Darmok N Jalad
windwhirl said:
I guess Intel engineers are probably feeling a bit like "OH ~$%&ING COME ON! $&@#! THIS @€$# AGAIN!? *$%#@!!"

That aside, considering what seems to be a never-ending parade of vulnerabilities, I'm wondering if Intel and AMD should consider investing heavily in R&D to maybe one day launch CPUs that do not rely on speculative execution to get work done fast. I know I'd do.
All your high performance, out-of-order CPU makers use speculative execution--it's a key component of OoOE. The benefits of the technology are huge. Without it, the CPU spends a lot of time waiting when it could be doing more work. Maybe on the day system memory is as fast as the CPU, it (and the various cache stages) will no longer be needed, or maybe the benefit of SE will be less. Still, each CPU maker implements SE differently, so vulnerability largely depends on the design.
Posted on Reply
#31
eidairaman1
The Exiled Airman
CounterZeus said:
The tested AMD CPU was one bulldozer chip (AMD A6-4455M). So no confirmation if Zen is affected or not.
bulldozer it is not...

Piledriver it is
Posted on Reply
#32
Caring1
Wait, how many average home users of computers has this affected exactly, now or in the past?
I'm talking about all prior vulnerabilities affecting processors as well.
I doubt one single average joe has been affected.
Posted on Reply
#33
moproblems99
Caring1 said:
Wait, how many average home users of computers has this affected exactly, now or in the past?
I'm talking about all prior vulnerabilities affecting processors as well.
I doubt one single average joe has been affected.
That depends, how many average Joes had their data stolen from a data center?
Posted on Reply
#34
yakk
This is seriously making a good case to not have Intel CPUs for mission critical servers & stations.
Posted on Reply
#35
Caring1
moproblems99 said:
That depends, how many average Joes had their data stolen from a data center?
I was one of thousands that did, but that was a data centre, not an individual at home, and it was a normal data breach by hacking.
Posted on Reply
#36
hat
Enthusiast
yakk said:
This is seriously making a good case to not have Intel CPUs for mission critical servers & stations.
Maybe not. Security through obscurity is not real security. Meaning, if all the data centers switched to AMD tomorrow, I don't think it would be very long before their flaws are discovered. I'm not saying there are (or aren't) flaws to be found, just saying Intel is the bigger target, so it makes sense we hear about Intel more often than AMD.

...But that also doesn't excuse all the Intel flaws, either. They've definitely got to do something about all this. If I were managing a datacenter, I would be none too happy about hearing about another Intel security flaw for the umpteenth time. Especially one that can't be patched by software, which means now I have to wait (for an unknown period of time while I run unsecure hardware) until I can spend more money on (maybe) secure hardware! Ridiculous.
Posted on Reply
#37
GoldenX
If we used VIA this wouldn't happen.
Posted on Reply
#38
mtcn77
hat said:
Maybe not. Security through obscurity is not real security. Meaning, if all the data centers switched to AMD tomorrow, I don't think it would be very long before their flaws are discovered. I'm not saying there are (or aren't) flaws to be found, just saying Intel is the bigger target, so it makes sense we hear about Intel more often than AMD.

...But that also doesn't excuse all the Intel flaws, either. They've definitely got to do something about all this. If I were managing a datacenter, I would be none too happy about hearing about another Intel security flaw for the umpteenth time. Especially one that can't be patched by software, which means now I have to wait (for an unknown period of time while I run unsecure hardware) until I can spend more money on (maybe) secure hardware! Ridiculous.
You know this would make the stage for an all new Robocop movie...
Posted on Reply
#39
laszlo
cpu is designed by man therefore is a flawed product from start.

we'll never know how many unknown design errors exist in a cpu as finding a way to by-pass certain hardware security using software is considered a bug

seems some people are smarter :respect: than cpu design teams and their computers which ran the security checks ....
Posted on Reply
#40
NC37
ArbitraryAffection said:
laughs in Ryzen

Only thing left with an Intel processor in the house is mum's old Toshiba P750 laptop with a i5 2410M from 2011. I'm waiting for it to die so I can get her a Raven Ridge machine like my Envy x360, Super happy with it, especially now the drivers from the main stack can be used on the 2500U.
As with all HP machines...wait for it. Happiness starts falling apart as soon as you realize how many corners they cut in construction. Heh...
Posted on Reply
#41
mtcn77
NC37 said:
As with all HP machines...wait for it. Happiness starts falling apart as soon as you realize how many corners they cut in construction. Heh...
Tablets are the best. 300gr polycarbonate+corning, even the volume buttons are loose from impacts, can drop it around all day.
Posted on Reply
#42
ArbitraryAffection
NC37 said:
As with all HP machines...wait for it. Happiness starts falling apart as soon as you realize how many corners they cut in construction. Heh...
it seems okay? i've had it a couple months and everything seems solid, i even took it apart to replace the ssd with a bigger one.
Posted on Reply
#43
lexluthermiester
jmcslob said:
I just went from Ryzen to an I7 and I just put my kids on Ryzen and it looks like I'm going back that way too.
I'm not worried about S/M or this but I'm starting to get a bad feel for Intel again.
Don't make that jump too quick. These kinds of vulnerabilities are useless against normal users and are near impossible to pull off remotely.
Posted on Reply
#44
hat
Enthusiast
lexluthermiester said:
Don't make that jump too quick. These kinds of vulnerabilities are useless against normal users and are near impossible to pull off remotely.
Agreed. Worry about it if you're a datacenter or something. This attack requires physical access, as do Meltdown and Spectre IIRC (but NetSpectre can be used over a network... but would still require access to your network, in some way).
Posted on Reply
#45
P4-630
The Way It's Meant to be Played
"
Updated to add
An Intel spokesperson told us after publication that it hopes applications can be built in future to defend against SPOILER attacks, or hardware protections can be deployed:

Intel received notice of this research, and we expect that software can be protected against such issues by employing side channel safe development practices. This includes avoiding control flows that are dependent on the data of interest. We likewise expect that DRAM modules mitigated against Rowhammer style attacks remain protected. Protecting our customers and their data continues to be a critical priority for us and we appreciate the efforts of the security community for their ongoing research."

https://www.theregister.co.uk/2019/03/05/spoiler_intel_processor_flaw/
(scroll to the bottom)
Posted on Reply
#46
lexluthermiester
P4-630 said:
"
Updated to add
An Intel spokesperson told us after publication that it hopes applications can be built in future to defend against SPOILER attacks, or hardware protections can be deployed:

Intel received notice of this research, and we expect that software can be protected against such issues by employing side channel safe development practices. This includes avoiding control flows that are dependent on the data of interest. We likewise expect that DRAM modules mitigated against Rowhammer style attacks remain protected. Protecting our customers and their data continues to be a critical priority for us and we appreciate the efforts of the security community for their ongoing research."

https://www.theregister.co.uk/2019/03/05/spoiler_intel_processor_flaw/
(scroll to the bottom)
The research paper for this is a very tedious read, but also very enlightening. Worth a read;
https://arxiv.org/pdf/1903.00446.pdf
Posted on Reply
#47
moproblems99
hat said:
This attack requires physical access
No, it doesn't.
Posted on Reply
#48
lexluthermiester
moproblems99 said:
No, it doesn't.
While that is true, the default Windows config doesn't allow for remote exploitation. A user/admin would need to deliberately open up a system to be vulnerable, which no one is foolish/stupid enough to do, effectively making physical access a requirement.
Posted on Reply
#49
jmcslob
lexluthermiester said:
Don't make that jump too quick. These kinds of vulnerabilities are useless against normal users and are near impossible to pull off remotely.
This more or less gives me (absolutely no reason) a good reason to pick up a b450 Mobo since I have a spare AM4 CPU that needs used, ( after I get a Mobo for it I'll more than likely order a better CPU since its a 9600) since I hate having stuff sit around doing nothing (I may be a tech Hoarder in need of help)

On a serious note, I don't think anything will ever come of this other than some type of patch.
Posted on Reply
#50
moproblems99
lexluthermiester said:
While that is true, the default Windows config doesn't allow for remote exploitation. A user/admin would need to deliberately open up a system to be vulnerable, which no one is foolish/stupid enough to do, effectively making physical access a requirement.
If that were true, things like privilege escalation exploits wouldn't exist. The truth is, if someone wants your data, they will get it. No matter where it is. At home, a data center, your phone. The web is fundamentally insecure.

The security that most of us have is that we are simply not interesting enough or profitable enough to target as individuals. That is why corporations and data centers are the target. You can bury your head in the sand all you want but it doesn't change anything.
Posted on Reply