• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Intel Released "Coffee Lake" Knowing it Was Vulnerable to Spectre and Meltdown

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
39,268 (8.42/day)
Location
Hyderabad, India
Processor AMD Ryzen 7 2700X
Motherboard ASUS ROG Strix B450-E Gaming
Cooling AMD Wraith Prism
Memory 2x 16GB Corsair Vengeance LPX DDR4-3000
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) Creative Sound Blaster Recon3D PCIe
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Microsoft Sidewinder X4
Software Windows 10 Pro
By the time Intel launched its 8th generation Core "Coffee Lake" desktop processor family (September 25, 2017, with October 5 availability), the company was fully aware that the product it is releasing was vulnerable to the three vulnerabilities plaguing its processors today, the two more publicized of which, are "Spectre" and "Meltdown." Google Project Zero teams published their findings on three key vulnerabilities, Spectre (CVE-2017-5753 and CVE-2017-5715); and Meltdown (CVE-2017-5754) in mid-2017, shared with hardware manufacturers under embargo; well before Intel launched "Coffee Lake." Their findings were made public on January 3, 2018.

Intel's engineers would have had sufficient time to understand the severity of the vulnerability, as "Coffee Lake" is essentially the same micro-architecture as "Kaby Lake" and "Skylake." As one security researcher puts it, this could affect Intel's liability when 8th generation Core processor customers decide on a class-action lawsuit. As if that wasn't worse, "Skylake" and later micro-architectures could require micro-code updates in addition to OS kernel patches to work around the vulnerabilities. The three micro-architectures are expected to face a performance-hit, despite Intel extracting colorful statements from its main cloud-computing customers that performance isn't affected "in the real-world." The company was also well aware of Spectre and Meltdown before its CEO dumped $22 million in company stock and options (while investors and the SEC were unaware of the vulnerabilities).



View at TechPowerUp Main Site
 

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
30,443 (6.40/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
Ouch another one, not good at all
 
Joined
Jun 12, 2017
Messages
75 (0.07/day)
It is OK to blame Intel for releasing Meltdown-vulnerable processors. But since it can be solved with Linux KPTI and Windows kernel rework, and Intel did finish those work with Linux team and Microsoft in time, it's kinda less unacceptable.

But hell no, you can’t blame Intel for Spectre vulnerability. It affects ALL modern processors with speculative execution and is simply impossible to fix (unless every app developer cooperates). The only way we currently know is to drop speculative execution and get back to stone age (80x86). We need another breakthrough in computer science in the following years to fix it.
 
Joined
Sep 15, 2011
Messages
5,398 (1.67/day)
Processor Intel Core i7 3770k @ 4.3GHz
Motherboard Asus P8Z77-V LK
Memory 16GB(2x8) DDR3@2133MHz 1.5v Patriot
Video Card(s) MSI GeForce GTX 1080 GAMING X 8G
Storage 59.63GB Samsung SSD 830 + 465.76 GB Samsung SSD 840 EVO + 2TB Hitachi + 300GB Velociraptor HDD
Display(s) Acer Predator X34 3440x1440@100Hz G-Sync
Case NZXT PHANTOM410-BK
Audio Device(s) Creative X-Fi Titanium PCIe
Power Supply Corsair 850W
Mouse Anker
Software Win 10 Pro - 64bit
Benchmark Scores 30FPS in NFS:Rivals
Why do I have a feeling that things are blowing out of proportions again...
 
Joined
Mar 7, 2011
Messages
1,869 (0.55/day)
Why do I have a feeling that things are blowing out of proportions again...
I dont think it blown to proportions it needs to, these c***-ups are affecting millions of users of cloud computing. What's worse is that now that it's all over the news hackers who may have been in dark will now exploit the bug even after software band-aid patches have been applied(since its a hardware bug still it can be exploited). Intel needs to own up their mess and clean it up or go belly up for good. Just a few months back it was Intel ME exploit , before that a USB exploit and now these 3 new exploits guess its a good thing so many fanboys are still a**-******g Intel in making sure they make profit end of the year.
 
Last edited:
Joined
Oct 2, 2004
Messages
13,791 (2.39/day)
I hope shit is paying off for Intel skimping on quality work on hardware saving few millions back then and now losing 10x as much. And no, I don't think anything is blowing out of proportions. Crap like this shows the real attitide of the company. Releasing a flawed product well knowing it's flawed to such extent shows intent. They were literally hoping no one would notice or care. Damn right people should be outraged and they should feel the angre financially. I'm still waiting for actual confirmations what all the recent patches are fixing (if anything at all and how much penalty we're paying for it), but it's very unlikely I'll be buying Intel next time. I ditched Intel as an option for laptop the moment news broke out about the flaws and how their CEO dumped the stocks right before shit went public. That was the moment I ordered AMD based laptop which was as a second a bit more expensive (but faster) option. Same fate will meet the desktop eventually depending on situation. Not in the mood to change my entire X99 platform just yet...
 
Joined
Sep 15, 2011
Messages
5,398 (1.67/day)
Processor Intel Core i7 3770k @ 4.3GHz
Motherboard Asus P8Z77-V LK
Memory 16GB(2x8) DDR3@2133MHz 1.5v Patriot
Video Card(s) MSI GeForce GTX 1080 GAMING X 8G
Storage 59.63GB Samsung SSD 830 + 465.76 GB Samsung SSD 840 EVO + 2TB Hitachi + 300GB Velociraptor HDD
Display(s) Acer Predator X34 3440x1440@100Hz G-Sync
Case NZXT PHANTOM410-BK
Audio Device(s) Creative X-Fi Titanium PCIe
Power Supply Corsair 850W
Mouse Anker
Software Win 10 Pro - 64bit
Benchmark Scores 30FPS in NFS:Rivals
But then again, for a normal desktop machine, do you really need a bios and OS update that just going to slow your CPU down? I mean how many Joes are running VMs in a shared environment??
 
Joined
Oct 20, 2017
Messages
36 (0.04/day)
Has been Intel's CEO sued for insider trading yet? Or once again rule "too big to fail" applies?
 
Joined
Oct 2, 2004
Messages
13,791 (2.39/day)
But then again, for a normal desktop machine, do you really need a bios and OS update that just going to slow your CPU down? I mean how many Joes are running VMs in a shared environment??
If you think VM means only VMWare and VirtualBox, then you're greatly mistaken. Pretty much all security software today uses virtualization for malware protection and analysis. You know, what they used to run in dreadfully slow and limited emulators is now run natively in its own secure space and dissected there. Would you want to allow that in a "secure space" from which malware can potentially access your actual host?
 
Joined
Oct 16, 2013
Messages
35 (0.01/day)
Processor i7 4930k
Motherboard Rampage IV Extreme
Cooling Thermalright HR-02 Macho
Memory 4 X 4096 MB G.Skill DDR3 1866 9-10-9-26
Video Card(s) Gigabyte GV-N780OC-3GD
Storage Crucial M4 128GB, M500 240GB, Samsung HD103SJ 1TB
Display(s) Planar PX2710MW 27" 1920x1080
Case Corsair 500R
Power Supply RAIDMAX RX-1200AE
Software Windows 10 64-bit
It is OK to blame Intel for releasing Meltdown-vulnerable processors. But since it can be solved with Linux KPTI and Windows kernel rework, and Intel did finish those work with Linux team and Microsoft in time, it's kinda less unacceptable.

But hell no, you can’t blame Intel for Spectre vulnerability. It affects ALL modern processors with speculative execution and is simply impossible to fix (unless every app developer cooperates). The only way we currently know is to drop speculative execution and get back to stone age (80x86). We need another breakthrough in computer science in the following years to fix it.
The fact that Meltdown can be easily patched by software update actually makes it more unacceptable to me. The logic behind the fix is simple enough and shouldn't be ignored to new generation of CPU release. To me it sounds like intel chosed to quickly push out competitive products (with an undisclosed critical flaw) against Ryzen over offering better security to all customers. Not patching Spectre can be excused, but not Meltdown.
Intel is committed to product and customer security
That official statement is a plain lie to me.
 
Joined
Jun 28, 2016
Messages
3,595 (2.44/day)
Man... you and @Raevenlord are like a TPU's special squad for writing these anti-Intel comments. It's not even qualified as editorial or a citation from another page. It's just you - being able to put your personal opinion on the front page... :)

Was AMD aware of Spectre when they released Ryzen Mobile in November? :)

This really is a serious issue, but this panic is totally pointless. The reason why there is an embargo after a bug/flaw is found, is to give companies time to fix it before the problem goes public and media make a mess of it.
The most possible outcome now is that this whole situation will rush companies into releasing precooked fixes (so soon we'll get fixes to fixes).
 
Joined
Jul 12, 2017
Messages
9 (0.01/day)
Processor ryzen 7 1700
Motherboard ASROCK AB350M BIOS 3.3
Cooling D14
Memory Patriot Viper 4 DDR4 3400mhz 8gbx2
Video Card(s) EVGA GTX 960 4GB SC
Storage Plextor M6V 512GB
Power Supply Ledex super flower gold 650W
Mouse G102
This may all not be a design flaw but "is functional by design as a backdoor to professional hackers, legel, and illegal organization that had been informed about the backdoor." NSA is one of the publicly known organizations.

The leak of the backdoors is however undesirable to the organizations and hackers that use the backdoors on a daily basis.
 
Joined
Jun 25, 2014
Messages
106 (0.05/day)
System Name Ryzen shine, Mr Freeman
Processor 3700X
Motherboard ASRock X470 Taichi Ultimate
Cooling NH-D15S
Memory Ballistix LT 2x16GB white 3200
Video Card(s) GeForce GTX 1070FE
Storage 500GB-970EVOplus, 256GB-850Pro, 1TB-860EVO
Display(s) LG OLED 55B8
Case Fractal Meshify C White TG
Audio Device(s) Xonar Essence STU, Mackie MR5+MR10S, HD598
Power Supply Seasonic Prime Titanium 850W
Mouse GPW
Keyboard Fnatic Streak
I also feel that this gets way overhyped (by the press) already...
 
Joined
Oct 27, 2009
Messages
780 (0.20/day)
Location
Republic of Texas
System Name [H]arbringer
Processor 4x 61XX ES @3.5Ghz (48cores)
Motherboard SM GL
Cooling 3x xspc rx360, rx240, 4x DT G34 snipers, D5 pump.
Memory 16x gskill DDR3 1600 cas6 2gb
Video Card(s) blah bigadv folder no gfx needed
Storage 32GB Sammy SSD
Display(s) headless
Case Xigmatek Elysium (whats left of it)
Audio Device(s) yawn
Power Supply Antec 1200w HCP
Software Ubuntu 10.10
Benchmark Scores http://valid.canardpc.com/show_oc.php?id=1780855 http://www.hwbot.org/submission/2158678 http://ww
This may all not be a design flaw but "is functional by design as a backdoor to professional hackers, legel, and illegal organization that had been informed about the backdoor." NSA is one of the publicly known organizations.

The leak of the backdoors is however undesirable to the organizations and hackers that use the backdoors on a daily basis.
Yeah... no shit they knew there was a backdoor on the latest gen cpu... it's been there for 15yrs... the next wikileak dump should make this all more clear.
Given that 4 independent research groups happened to find all this shit at the same exact time... this was a tip-off/retiring of a backdoor due to impending leak.
 
Joined
Mar 23, 2016
Messages
3,754 (2.39/day)
Processor Ryzen 5 3600
Motherboard MSI B450 Tomahawk ATX
Cooling Cooler Master Hyper 212 Black Edition
Memory PNY Anarchy-X XLR8 Red DDR4-3200 16GB @3466 MHz
Video Card(s) MSI GeForce RTX 2060 GAMING Z 6G
Storage Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB
Display(s) Samsung SyncMaster C27H711 OC refresh rate 110Hz
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) EVGA NU Audio
Power Supply EVGA 850 BQ
Mouse SteelSeries Rival 310
Keyboard Logitech G G413 Silver
Software Windows 10 Professional 64-bit v2004
I mean how many Joes are running VMs in a shared environment??
I prefer my passwords as an example of the information disclosure being talked about in text I quoted below stay private undisclosed to third party apps in user space. ;)
Microsoft Security Advisory said:
Speculative execution side-channel vulnerabilities can be used to read the content of memory across a trusted boundary and can therefore lead to information disclosure.
These mitigations prevent attackers from triggering a weakness in the CPU which could allow the contents of memory to be disclosed.

In client (desktop) scenarios, a malicious user mode application could be used to disclose the contents of kernel memory.

Customers using Windows client operating systems including Windows 7 Service Pack 1, Windows 8.1, and Windows 10 need to apply both firmware and software updates.
Source: ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities - Security Advisory
 
Last edited:
Joined
Apr 16, 2010
Messages
2,065 (0.55/day)
System Name The Stone that the Builders Refused / iJayo
Processor R5 1600/ R7 3700X
Motherboard Asrock AB350 Pro4 / Asus Rog Strix B450-F gaming
Cooling Cryorig M9 / Noctua NH-D14
Memory G skill 16 Gigs ddr4 / 16 gigs PNY ddr4
Video Card(s) Nvdia GTX 660 / Nvidia RTX 2070 Super
Storage 120gig 840 evo, 120gig adata sp900 / 512 Scandisc M.2 ssd 2 x 1tb seagate hdd 120 gig Hyper X ssd
Display(s) 42" Nec retail display monitor/ 42" Nec retail display monitor
Case Pink Enermax Ostrog / Phanteks Enthoo Evolv Tempered Glass edition
Audio Device(s) Altec Lansing Expressionist Bass/ M-Audio monitors
Power Supply Corsair450 / Be Quiet Dark Power Pro 650
Mouse corsair vengence M65 / Zalman Knossos
Keyboard corsair k95 / Corsair K63 wireless
Software Window 10 pro / Windows 10 pro
Benchmark Scores meh... feel me on the battle field!
.....just ignore that iceberg intel....nothing to worry about.... On the real though....this is kinda sad....
 
Joined
Jul 12, 2017
Messages
9 (0.01/day)
Processor ryzen 7 1700
Motherboard ASROCK AB350M BIOS 3.3
Cooling D14
Memory Patriot Viper 4 DDR4 3400mhz 8gbx2
Video Card(s) EVGA GTX 960 4GB SC
Storage Plextor M6V 512GB
Power Supply Ledex super flower gold 650W
Mouse G102
May just be like you said "retiring of a backdoor" and later push for next-generation processor sale with even more powerful backdoors:
(without the leaked backdoors)
Intel Management Engine (ME) cannot be switched off
AMD's Platform Security Processor (PSP) it uses an ARM processor..... can be switched off in BIOS, but can it actually be switched off in hardware level?

Scary.....

may just be retiring some leaked backdoors..... retiring some leaked backdoors...
main investors have both AMD and Intel shares
boosting AMD for balancing the CPU market, dramas and competitions are needed to boost sales.

All in the name for the greater good
 
Last edited:
Joined
Aug 3, 2011
Messages
939 (0.29/day)
Location
At the Pub
System Name Single Shot Refresh
Processor 9700K
Motherboard Z390 Srtix E
Cooling EK CPU + GPU Hardline
Memory 2x8GB Gskill Royal
Video Card(s) RTX 2080Ti
Storage M.2 970 Evo 1GB
Display(s) 4K 40" BDM4065UC
Case Corsair 750D
Audio Device(s) Onboard
Power Supply Corsair AX1200
Mouse Logitech G502
Keyboard Logitech G910
Software Win 10 x64 atm
Benchmark Scores It Chops : )
Looks like ill have to fire up my old P4 : )
 
Joined
Oct 27, 2009
Messages
780 (0.20/day)
Location
Republic of Texas
System Name [H]arbringer
Processor 4x 61XX ES @3.5Ghz (48cores)
Motherboard SM GL
Cooling 3x xspc rx360, rx240, 4x DT G34 snipers, D5 pump.
Memory 16x gskill DDR3 1600 cas6 2gb
Video Card(s) blah bigadv folder no gfx needed
Storage 32GB Sammy SSD
Display(s) headless
Case Xigmatek Elysium (whats left of it)
Audio Device(s) yawn
Power Supply Antec 1200w HCP
Software Ubuntu 10.10
Benchmark Scores http://valid.canardpc.com/show_oc.php?id=1780855 http://www.hwbot.org/submission/2158678 http://ww

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
15,925 (3.46/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K at stock (hits 5 gees+ easily)
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (4 x 4GB Corsair Vengeance DDR3 PC3-12800 C9 1600MHz)
Video Card(s) Zotac GTX 1080 AMP! Extreme Edition
Storage Samsung 850 Pro 256GB | WD Green 4TB
Display(s) BenQ XL2720Z | Asus VG278HE (both 27", 144Hz, 3D Vision 2, 1080p)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair HX 850W v1
Software Windows 10 Pro 64-bit
Intel are clearly, a caring, sharing company. Aww, I feel so warm and fuzzy now. :nutkick:
 
Joined
Sep 7, 2011
Messages
217 (0.07/day)
Location
Pekanbaru - Riau - Indonesia - Earth - Universe
System Name My Best Friend...
Processor Qualcomm Snapdragon 650
Motherboard Made By Xiaomi
Cooling Air and My Hands :)
Memory 3GB LPDDR3
Video Card(s) Adreno 510
Storage Sandisk 32GB SDHC Class 10
Display(s) 5.5" 1080p IPS BOE
Case Made By Xiaomi
Audio Device(s) Snapdragon ?
Power Supply 2A Adapter
Mouse On Screen
Keyboard On Screen
Software Android 6.0.1
Benchmark Scores 90339
Is it all of this related to yahoo problem and other hacked or leaked accounts ?
 
Top