• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Major Intel CPU Hardware Vulnerability Found

Status
Not open for further replies.

Knoxx29

The Power Of Intel
Joined
Feb 19, 2014
Messages
6,230 (2.72/day)
Location
Behind a VPN
System Name Black Widow/Red Queen X3
Processor i7 8086K 5.3GHz 1.36V/ Xeon X5690 4.5 GHz 1.377
Motherboard Asus Rog Maximus XI Extreme/ Evga X58 Classified 3
Cooling WaterChiller - both Machines looped
Memory G.SKILL Trident Z 3866MHz @4000MHz - G.SKILL RIPJAWSX V 3000MHz 32GB - G.SKILL RIPJAWSX 2133MHz 12GB
Video Card(s) EVGA GEFORCE GTX 1080 Ti/ EVGA 1080 CLASSIFIED
Storage Samsung 970/960/850/840 EVO 250GB - WD Blue 1TB - WD Black 1TB/ Samsung EVO 250GB
Display(s) Asus PG278Q ROG/ Samsung
Case Lian Li PC-V3000/Cougar Panzer MaxLian Li
Audio Device(s) On Board
Power Supply Enermax Platimax 1000W 80plus platinum Super Overclock Edition ATX2
Mouse Logitech G502 spectrum
Keyboard Virtuis Advanced Gaming Keyboard
Software Windows 10 Pro.
Benchmark Scores My PC runs FiFA
Joined
Mar 23, 2016
Messages
3,688 (2.41/day)
Processor Ryzen 5 3600
Motherboard MSI B450 Tomahawk ATX
Cooling Cooler Master Hyper 212 Black Edition
Memory PNY Anarchy-X XLR8 Red DDR4 3200 MHz C15-17-17-17-35
Video Card(s) MSI GeForce RTX 2060 GAMING Z 6G
Storage Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB
Display(s) Samsung SyncMaster C27H711 OC refresh rate 110Hz
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) EVGA NU Audio
Power Supply EVGA 850 BQ
Mouse SteelSeries Rival 310
Keyboard Logitech G G413 Silver
Software Windows 10 Professional 64-bit v1903
Joined
Apr 23, 2009
Messages
15 (0.00/day)
Location
Hannover, Germany
Processor AMD Ryzen 7 2700X, watercooled
Motherboard Asus ROG Strix X470-F Gaming
Cooling Custom Watercooling-Loop with 2x240mm and 1x120mm Radiators
Memory 2x8Gb G.Skill Trident Z 3433 MHz
Video Card(s) AMD Radeon VEGA 64, watercooled
Storage OCZ Vertex 4 256Gb, Mushkin Reactor 1Tb
Display(s) Acer Predator 144Hz 1440p
Case Corsair Obsidian 500D
Power Supply Superflower Leadex Platinum 750W
Joined
Mar 23, 2016
Messages
3,688 (2.41/day)
Processor Ryzen 5 3600
Motherboard MSI B450 Tomahawk ATX
Cooling Cooler Master Hyper 212 Black Edition
Memory PNY Anarchy-X XLR8 Red DDR4 3200 MHz C15-17-17-17-35
Video Card(s) MSI GeForce RTX 2060 GAMING Z 6G
Storage Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB
Display(s) Samsung SyncMaster C27H711 OC refresh rate 110Hz
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) EVGA NU Audio
Power Supply EVGA 850 BQ
Mouse SteelSeries Rival 310
Keyboard Logitech G G413 Silver
Software Windows 10 Professional 64-bit v1903
Or is it possible to load microcode through windows updates?
Yes it is possible, I'm curious myself if that's what will happen though. It's either Asus or Intel my bets on Intel unless Asus but doubt that'll happen.
 
Last edited:
D

Deleted member 163934

Guest
In other words: If Asus does not publish a BIOS update for my aged Z68 board, I am screwed anyway? Or is it possible to load microcode through windows updates?
https://labs.vmware.com/flings/vmware-cpu-microcode-update-driver#instructions

Even if the mb manufactures doesn't bother to update the microcode and microsoft doesn't bother to update the microcode loaded by windows you can still use a newer microcode in windows following the stuff in the link above, but we still need Intel to release a microcode update (the latest https://downloadcenter.intel.com/download/27337/Linux-Processor-Microcode-Data-File is from 11/17/2017).

Keep in mind that if you decide to use the method described in the link above you do it on your own risk.

(I saw no problems on my Haswell cpu while using the method described in the link above to update the microcode, but well this is just my case.)

Note 1 : On boot the bios will load the old microcode, the stuff from the above link is basicaly a driver that will load a newer microcode (as long as it's available) in Windows (it has to be loaded every time Windows starts because it doesn't changes the microcode in your bios).
Note 2: From what I tested with this stuff I know it also works with AMD k10 cpus but it doesn't work with AMD k8 cpu (similar with linux, didn't bothered to read the amd k8 family cpu errata, maybe the k8 microcode update procedure is bugged or well there is no such procedure to begin with).

In Linux you can update the cpu microcode from Drivers Manager (or whatever the name for this things is in your distro). It's actually easier in Linux :) .
 
Last edited by a moderator:
Joined
Mar 23, 2016
Messages
3,688 (2.41/day)
Processor Ryzen 5 3600
Motherboard MSI B450 Tomahawk ATX
Cooling Cooler Master Hyper 212 Black Edition
Memory PNY Anarchy-X XLR8 Red DDR4 3200 MHz C15-17-17-17-35
Video Card(s) MSI GeForce RTX 2060 GAMING Z 6G
Storage Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB
Display(s) Samsung SyncMaster C27H711 OC refresh rate 110Hz
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) EVGA NU Audio
Power Supply EVGA 850 BQ
Mouse SteelSeries Rival 310
Keyboard Logitech G G413 Silver
Software Windows 10 Professional 64-bit v1903
From Intel: We have begun providing software and firmware updates to mitigate these exploits. End users and systems administrators should check with their operating system vendors and system manufacturers, and apply any updates as soon as they are available.

https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html

Thanks for the tip off @thedukesd1, method appears to still work.
microcodeupdate.png

Short summary from Google for anyone interested in the highlights.
Speculative Execution and the Three Methods of Attack
In addition, to follow up on yesterday’s post, today we’re providing a summary of speculative execution and how each of the three variants work.In order to improve performance, many CPUs may choose to speculatively execute instructions based on assumptions that are considered likely to be true. During speculative execution, the processor is verifying these assumptions; if they are valid, then the execution continues. If they are invalid, then the execution is unwound, and the correct execution path can be started based on the actual conditions. It is possible for this speculative execution to have side effects which are not restored when the CPU state is unwound, and can lead to information disclosure.Project Zero discussed three variants of speculative execution attack. There is no single fix for all three attack variants; each requires protection independently.
  • Variant 1 (CVE-2017-5753), “bounds check bypass.” This vulnerability affects specific sequences within compiled applications, which must be addressed on a per-binary basis.
  • Variant 2 (CVE-2017-5715), “branch target injection”. This variant may either be fixed by a CPU microcode update from the CPU vendor, or by applying a software mitigation technique called “Retpoline” to binaries where concern about information leakage is present. This mitigation may be applied to the operating system kernel, system programs and libraries, and individual software programs, as needed.
  • Variant 3 (CVE-2017-5754), “rogue data cache load.” This may require patching the system’s operating system. For Linux there is a patchset called KPTI (Kernel Page Table Isolation) that helps mitigate Variant 3. Other operating systems may implement similar protections - check with your vendor for specifics.
More details about mitigations for the CPU Speculative Execution issue
 
Last edited:
Joined
Nov 30, 2015
Messages
707 (0.43/day)
Location
Croatia
Processor Core i5-2400 @3,1 GHz
Motherboard Gigabyte GA-B75M-D3H
Cooling LC Power LC-CC-95
Memory HyperX Genesis 2x4GB @1333 MHz
Video Card(s) EVGA GTX 1050 Ti FTW ACX 3.0 4GB
Storage WD Blue 1TB/ Crucial BX500 120GB/ Seagate 500GB
Display(s) ASUS VW190DE
Case Deepcool Smarter /w 2x Zalman 1000RPM
Audio Device(s) Onboard
Power Supply Bitfenix Formula Gold 550W
Mouse Microsoft WMO 1.1A
Keyboard IBM KB-8926
Software W10 Pro 64-bit
Benchmark Scores Turns on on the first try! Usually.
Many Journalist and Reviewers are just playing the Nostradamus's Game. Lol

Does anyone has the time to tell if this whole thing affect Intel's future CPU's?
From what I've understood, yes, the future CPU's will be affected, unless Intel makes changes on the architecture level. The problem requires some changes on the bottom level of the arch.
 
Joined
Jan 8, 2017
Messages
5,028 (4.06/day)
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Scythe Katana 4 - 3x 120mm case fans
Memory 16GB - Corsair Vengeance LPX
Video Card(s) OEM Dell GTX 1080
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Zalman R1
Power Supply 500W
From what I've understood, yes, the future CPU's will be affected, unless Intel makes changes on the architecture level. The problem requires some changes on the bottom level of the arch.
It's not really down to the particular architecture they employ. That's just the nature of modern superscalar CPUs , stuff is executed in parallel as the CPU looks back and forth through the instructions it's supposed to run. There is no hardware fix to speak of as it is nearly impossible to know when not to do that outside of a couple known situations , which is basically what the software fix is about.
 
Joined
Mar 23, 2016
Messages
3,688 (2.41/day)
Processor Ryzen 5 3600
Motherboard MSI B450 Tomahawk ATX
Cooling Cooler Master Hyper 212 Black Edition
Memory PNY Anarchy-X XLR8 Red DDR4 3200 MHz C15-17-17-17-35
Video Card(s) MSI GeForce RTX 2060 GAMING Z 6G
Storage Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB
Display(s) Samsung SyncMaster C27H711 OC refresh rate 110Hz
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) EVGA NU Audio
Power Supply EVGA 850 BQ
Mouse SteelSeries Rival 310
Keyboard Logitech G G413 Silver
Software Windows 10 Professional 64-bit v1903
which is basically what the software fix is about.
Speaking of software fixes I found Google's "Retpoline" was a interesting read.
Executive Summary
“Retpoline” sequences are a software construct which allow indirect branches to be isolated from speculative execution. This may be applied to protect sensitive binaries (such as operating system or hypervisor implementations) from branch target injection attacks against their indirect branches.
The name “retpoline” is a portmanteau of “return” and “trampoline.” It is a trampoline construct constructed using return operations which also figuratively ensures that any associated speculative execution will “bounce” endlessly.
(If it brings you any amusement: imagine speculative execution as an overly energetic 7-year old that we must now build a warehouse of trampolines around.)
Retpoline: a software construct for preventing branch-target-injection
 
Joined
Nov 30, 2015
Messages
707 (0.43/day)
Location
Croatia
Processor Core i5-2400 @3,1 GHz
Motherboard Gigabyte GA-B75M-D3H
Cooling LC Power LC-CC-95
Memory HyperX Genesis 2x4GB @1333 MHz
Video Card(s) EVGA GTX 1050 Ti FTW ACX 3.0 4GB
Storage WD Blue 1TB/ Crucial BX500 120GB/ Seagate 500GB
Display(s) ASUS VW190DE
Case Deepcool Smarter /w 2x Zalman 1000RPM
Audio Device(s) Onboard
Power Supply Bitfenix Formula Gold 550W
Mouse Microsoft WMO 1.1A
Keyboard IBM KB-8926
Software W10 Pro 64-bit
Benchmark Scores Turns on on the first try! Usually.
It's not really down to the particular architecture they employ. That's just the nature of modern superscalar CPUs , stuff is executed in parallel as the CPU looks back and forth through the instructions it's supposed to run. There is no hardware fix to speak of as it is nearly impossible to know when not to do that outside of a couple known situations , which is basically what the software fix is about.
Yea I figured the issue is not a specific part, rather the way things are done. Tho the answer still stands, things (probably) won't get fixed with the following release.
 

HTC

Joined
Apr 1, 2008
Messages
4,055 (0.91/day)
Location
Portugal
System Name HTC's System
Processor Ryzen 5 2600X
Motherboard Asrock Taichi X370
Cooling NH-C14, with the AM4 mounting kit
Memory G.Skill Kit 16GB DDR4 F4 - 3200 C16D - 16 GTZB
Video Card(s) Sapphire Nitro+ Radeon RX 480 OC 4 GB
Storage 1 Samsung NVMe 960 EVO 250 GB + 1 3.5" Seagate IronWolf Pro 6TB 7200RPM 256MB SATA III
Display(s) LG 27UD58
Case Fractal Design Define R6 USB-C
Audio Device(s) Onboard
Power Supply Corsair TX 850M 80+ Gold
Mouse Razer Deathadder Elite
Software Ubuntu 19.04 LTS
Bill, I like you, but you really don't understand this one. This vulnerability, if allowed unchecked, is akin to being locked in a cage in a house with money, with the keys to cage in hand.

If you have a VM on the machine (and many VMs in the cloud share with rental providers), you can access any memory of any OTHER VM on the machine... Yes, undetected, from within your own VM. In other VMs memory, there are keys, passwords, certificates, and all these can be accessed unchecked. That's how bad this is unpatched, and there is no exaggeration there.

In many ways, this is worse than heartbleed. It will depend on how fast cloud providers deploy the fix how much damage is done, though. That's the determining factor.

The performance penalty is exagerated. The security implications are not. Nor is the call of it being a "signifigant redesign of OS kernels." After reading they basically ripped out the shared symbol file wholehog (a mainstay since the 90s) I'm actually inclined to agree with the media: That's the biggest redesign in some time.
Has anyone considered that this problem may have been discovered quite some time ago by X or Y hacker and, obviously, he / she kept quiet about it and has, since then, been able to take advantage of it for his / her nefarious purposes? As such, how do we know if this problem hasn't already caused any damage? For all we know, that Equifax data breach problem could have been done using these exploits, no? And this is assuming these exploits were found by just one hacker and that he / she didn't "share" with any "colleague".
 
Joined
Apr 12, 2013
Messages
3,197 (1.23/day)
Has anyone considered that this problem may have been discovered quite some time ago by X or Y hacker and, obviously, he / she kept quiet about it and has, since then, been able to take advantage of it for his / her nefarious purposes? As such, how do we know if this problem hasn't already caused any damage? For all we know, that Equifax data breach problem could have been done using these exploits, no? And this is assuming these exploits were found by just one hacker and that he / she didn't "share" with any "colleague".
Yes & there's also speculation that this was a CIA/NSA induced bug (meltdown) but we have no credible way to know anything more apart from the two flaws disclosed by project zero & four PoC.
 
Joined
Jan 8, 2017
Messages
5,028 (4.06/day)
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Scythe Katana 4 - 3x 120mm case fans
Memory 16GB - Corsair Vengeance LPX
Video Card(s) OEM Dell GTX 1080
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Zalman R1
Power Supply 500W
Yes & there's also speculation that this was a CIA/NSA induced bug (meltdown)
Probably the Illuminati too. Or are they the same ?
 
Joined
Jan 8, 2017
Messages
5,028 (4.06/day)
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Scythe Katana 4 - 3x 120mm case fans
Memory 16GB - Corsair Vengeance LPX
Video Card(s) OEM Dell GTX 1080
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Zalman R1
Power Supply 500W
That was supposed to be sarcastic.

The US and it's intelligence agency is given to much credit. No , they probably aren't responsible for every single shit that happens with regards to cyber security. Seriously , give others some love too.
 
Last edited:
Joined
Apr 12, 2013
Messages
3,197 (1.23/day)
That was supposed to be sarcastic.

The US and it's intelligence agency is given to much credit. No , they probably aren't responsible for every single shit that happens with regards to cyber security. Seriously , give others some love too.
Yeah I figured but personally don't follow conspiracy theories outside of my geography. The Snowden revelations though have me skeptical of an imminent big brother threat ~ Personal data of a billion Indians sold online for £6, report claims
 
Joined
Jan 8, 2017
Messages
5,028 (4.06/day)
System Name Good enough
Processor AMD Ryzen R7 1700X - 4.0 Ghz / 1.350V
Motherboard ASRock B450M Pro4
Cooling Scythe Katana 4 - 3x 120mm case fans
Memory 16GB - Corsair Vengeance LPX
Video Card(s) OEM Dell GTX 1080
Storage 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) 4K Samsung TV
Case Zalman R1
Power Supply 500W
There is no doubt there are concerns with regards to security and privacy but slapping an NSA tag on every single things seems unnecessary.
 
Joined
Apr 12, 2013
Messages
3,197 (1.23/day)
There is no doubt there are concerns with regards to security and privacy but slapping an NSA tag on every single things seems unnecessary.
You probably missed the sarcastic part then, this isn't my theory - it's all over the net, I don't subscribe to it bit I won't rule it out either.
The point is govt agencies, much like corporations, won't accept anything until they absolutely have to.
 
Joined
Aug 23, 2011
Messages
69 (0.02/day)
Location
Athens
Processor Intel i5 750
Motherboard ASUS P7P55-M
Cooling Corsair A50
Memory HyperX Fury @1866 8GB
Video Card(s) Gigabyte R9 380 4G
Storage 1TB WD Blue / 2x SSD Kingston 120GB
Display(s) LG 24MP58VQ
Case Corsair Air 540
Audio Device(s) Soundblaster Z
Power Supply XFX TS 550w
Mouse Razer DeathAdder Chroma
Keyboard Razer Blackwidow Stealth 2016
Software Windows 10 Pro x64
in simple words the average user is F**.
 

Easy Rhino

Linux Advocate
Staff member
Joined
Nov 13, 2006
Messages
14,881 (3.01/day)
Location
Mid-Atlantic
System Name Desktop
Processor i5 7500 Kaby Lake
Motherboard AsRock MicroATX Z170M Extreme4
Cooling Stock
Memory 2x 16 Gb Gskill Ripjaws 2400
Video Card(s) AMD Radeon 5700
Storage Samsung 970 EVO 1 TB m.2 NVMe + Samsung 860 EVO 2 TB SATA3 SSD
Display(s) LG 34GK950F-B 34" 21:9 Ultragear WQHD Nano IPS Curved Gaming Monitor with Radeon FreeSync 2
Case Corsair Carbide 400C
Audio Device(s) On Board
Power Supply Seasonic SSR-650GD Flagship Prime Series 650W Gold
Mouse Logitech G900 Chaos Spectrum
Keyboard Corsair K63 Wireless
Software Windows 10
The knee jerk reaction to this story was totally overblown.
 
Joined
Dec 31, 2009
Messages
17,520 (4.61/day)
That's funny, I JUST posted something to that effect a minute ago in one of the 5 threads going.. thanks TPU news.
 

Knoxx29

The Power Of Intel
Joined
Feb 19, 2014
Messages
6,230 (2.72/day)
Location
Behind a VPN
System Name Black Widow/Red Queen X3
Processor i7 8086K 5.3GHz 1.36V/ Xeon X5690 4.5 GHz 1.377
Motherboard Asus Rog Maximus XI Extreme/ Evga X58 Classified 3
Cooling WaterChiller - both Machines looped
Memory G.SKILL Trident Z 3866MHz @4000MHz - G.SKILL RIPJAWSX V 3000MHz 32GB - G.SKILL RIPJAWSX 2133MHz 12GB
Video Card(s) EVGA GEFORCE GTX 1080 Ti/ EVGA 1080 CLASSIFIED
Storage Samsung 970/960/850/840 EVO 250GB - WD Blue 1TB - WD Black 1TB/ Samsung EVO 250GB
Display(s) Asus PG278Q ROG/ Samsung
Case Lian Li PC-V3000/Cougar Panzer MaxLian Li
Audio Device(s) On Board
Power Supply Enermax Platimax 1000W 80plus platinum Super Overclock Edition ATX2
Mouse Logitech G502 spectrum
Keyboard Virtuis Advanced Gaming Keyboard
Software Windows 10 Pro.
Benchmark Scores My PC runs FiFA
The update is out, ask @P4-630 - already made post about getting the update through Windows Update eariler.
No new updates for me.

update.PNG



In other words: If Asus does not publish a BIOS update for my aged Z68 board, I am screwed anyway? Or is it possible to load microcode through windows updates?
At least Asus has released a new Bios update for my Board but i wont install it
 
Joined
Jul 5, 2013
Messages
9,455 (3.75/day)
System Name GPD-Q9
Processor Rockchip RK-3288 1.8ghz quad core
Motherboard GPD Q9_V6_150528
Cooling Passive
Memory 2GB DDR3
Video Card(s) Mali T764
Storage 16GB Samsung NAND
Display(s) IPS 1024x600
The US and it's intelligence agency is given to much credit. No , they probably aren't responsible for every single shit that happens with regards to cyber security.
True, but this set of problems has NSA methodologies written all over it. While I'm not directly blaming them, it would not be at all surprising.
At least Asus has released a new Bios update for my Board but i wont install it
Why not? Are you waiting for a possibly better version?
 
Status
Not open for further replies.
Top