Spectre security patch by Intel, currently only for Skylake chips
Your Feed is from https://www.safeharboroncyber.com/Blog/
CyberWisdom Safe Harbor Commentary on Spectre Security Patch
Today I came across this story from securityaffairs.co, which reports that a partial Spectre security patch is finally on its way. Intel is releasing a new firmware update to address the Skylake processor Spectre vulnerability CVE-2017-5715.
The new firmware update is limited to Skylake processors for now; Intel expects patches for the other affected platforms to be released soon.
What the Spectre security patch is meant to stop
Spectre attacks allow user-mode applications to extract information from other processes running on the same system. They can also be used to extract information from the very process the attacker's code runs in: for example, malicious JavaScript on a web page can read login cookies and other data out of the memory of the browser hosting it.
Spectre attacks break the isolation between different applications, allowing information to leak from the kernel to the user program and from the hypervisor to the guest system.
Intel is also providing beta versions of the updates for other processors to customers and partners for extensive testing prior to final release.
We all know the disturbing story of the security patches released by Intel so far. On January 3, white-hat researchers at Google Project Zero disclosed the flaws in modern processors known as Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). Intel immediately released security patches, but in many cases they created problems on the patched systems.
Several vendors, including Red Hat and Microsoft, have since shipped updates that roll back or disable Intel's initial Variant 2 mitigation.
Spectre security patch update
Intel now appears to have a clearer idea of the cause of the problems observed after the initial update was deployed, and is releasing a new microcode update.
"For those concerned about system stability while we finalize the updated solutions, we are also working with our OEM partners on the option to use a previous version of microcode that does not display these issues, but removes the Variant 2 (Spectre) mitigations. This will be delivered as a BIOS update, and will not impact the mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown)," states the microcode revision guidance released by Intel.
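The practical question for an administrator is which state a given host actually ends up in after these microcode or BIOS changes. On Linux (kernel 4.15 and distribution backports) the kernel reports its verdict per vulnerability in /sys/devices/system/cpu/vulnerabilities/ and the microcode revision it loaded in /proc/cpuinfo. The following C program is an added example, not code from the original post, from securityaffairs.co or from Intel; it reads both sources, classifies each status line, and can tell whether microcode-backed components such as IBPB or IBRS_FW are listed, which is exactly what disappears when the BIOS rolls back to the older microcode. The sample strings it is exercised with (including the revision value 0xc2) are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

/* Possible states the kernel reports for one vulnerability */
enum vuln_state { VS_NOT_AFFECTED = 0, VS_MITIGATED, VS_VULNERABLE, VS_UNKNOWN };

static const char *const state_names[] = { "not-affected", "mitigated", "vulnerable", "unknown" };

/* Classify one line read from /sys/devices/system/cpu/vulnerabilities/<name>.
 * The kernel prints "Not affected", "Mitigation: <details>" or "Vulnerable[: <details>]". */
enum vuln_state classify_status(const char *line)
{
    if (strncmp(line, "Not affected", 12) == 0) return VS_NOT_AFFECTED;
    if (strncmp(line, "Mitigation:", 11) == 0)  return VS_MITIGATED;
    if (strncmp(line, "Vulnerable", 10) == 0)   return VS_VULNERABLE;
    return VS_UNKNOWN;
}

/* Does a "Mitigation:" line name a particular component, e.g. "IBPB", "IBRS_FW" or
 * "retpoline"? IBPB/IBRS only appear when the CPU microcode provides them, so a
 * rollback to pre-Spectre microcode makes them vanish from this line. */
int lists_mitigation(const char *line, const char *component)
{
    return classify_status(line) == VS_MITIGATED && strstr(line, component) != NULL;
}

/* Parse the loaded microcode revision out of one /proc/cpuinfo line such as
 * "microcode\t: 0xc2" (constructed sample); returns -1 if this is not the microcode field. */
long parse_microcode_line(const char *line)
{
    const char *colon;
    if (strncmp(line, "microcode", 9) != 0) return -1;
    colon = strchr(line, ':');
    if (colon == NULL) return -1;
    return strtol(colon + 1, NULL, 0);   /* base 0 accepts the "0x" prefix */
}

/* Read the first line of a file into buf without its newline; 0 on success */
static int read_first_line(const char *path, char *buf, size_t n)
{
    FILE *f = fopen(path, "r");
    if (f == NULL) return -1;
    if (fgets(buf, (int)n, f) == NULL) { fclose(f); return -1; }
    fclose(f);
    buf[strcspn(buf, "\n")] = '\0';
    return 0;
}

int main(void)
{
    static const char *const names[] = { "spectre_v1", "spectre_v2", "meltdown" };
    char path[128], line[256];
    FILE *cpuinfo;
    size_t i;

    for (i = 0; i < sizeof names / sizeof names[0]; i++) {
        snprintf(path, sizeof path, "/sys/devices/system/cpu/vulnerabilities/%s", names[i]);
        if (read_first_line(path, line, sizeof line) == 0)
            printf("%-10s %-12s %s\n", names[i], state_names[classify_status(line)], line);
        else
            printf("%-10s %-12s (this kernel does not expose %s)\n", names[i], "unknown", path);
    }

    /* Every core reports the same revision; print the first occurrence */
    cpuinfo = fopen("/proc/cpuinfo", "r");
    if (cpuinfo != NULL) {
        while (fgets(line, sizeof line, cpuinfo) != NULL) {
            long rev = parse_microcode_line(line);
            if (rev >= 0) { printf("microcode revision: 0x%lx\n", (unsigned long)rev); break; }
        }
        fclose(cpuinfo);
    }
    return 0;
}
```

Run it before and after a BIOS update: a spectre_v2 line that drops from "Mitigation: ..." back to "Vulnerable", or that loses IBPB/IBRS_FW, confirms the rollback Intel describes, while spectre_v1 and meltdown should stay mitigated. On a kernel that predates the sysfs interface the files are absent and the tool says so rather than guessing.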
Spectre Impacts
Do Spectre and Meltdown patches hurt performance?
These patches generally mitigate the vulnerabilities by altering or disabling how software code makes use of the speculative execution and caching features built into the underlying hardware. The downside of this, of course, is that these features were designed to improve system performance, and so working around them can slow your systems down. While there were initial reports of performance hits up to 30 percent, benchmarks from Phoronix indicate that 5 to 10 percent seems more typical.
Frequent restarts and other issues
Frequent restarts and other issues related to the fix for CVE-2017-5715 (Spectre Variant 2) affect virtually every platform, including systems running on Broadwell and Haswell CPUs, as well as Ivy Bridge-, Sandy Bridge-, Skylake- and Kaby Lake-based platforms. Read Cyberwisdom: Embarrassed Microsoft rolled out another Spectre patch on top of the patch to disable mitigations for Spectre v2 attacks
Although many users choose not to install patches to avoid problems, security companies are reporting the first PoC malware exploiting “Meltdown and Spectre.”
Vulnerability explanation
The Meltdown and Spectre hardware vulnerabilities enable side-channel attacks: in the case of Meltdown, a malicious process can read sensitive data in kernel memory; with Spectre, a user application can be made to leak its own memory and, with Variant 2, kernel memory and other applications' memory. An attacker can therefore read system memory that may contain passwords, encryption keys and e-mail, and use that information for further local attacks.
The official description of CVE-2017-5715 reads: systems with microprocessors that make use of speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access through side-channel analysis.
On January 17, AV-TEST's experts reported that they had found 77 malware samples clearly related to the Intel vulnerabilities – Read Cyberwisdom: Meltdown and Spectre Chip Flaw and Vulnerability Implementation Guide Update: Intel holding off Patches
What is speculative execution?
Speculative execution is a chip trying to predict the future in order to work faster. When a program reaches a conditional branch, say "if A is true, compute X; otherwise compute Y", the chip does not wait to learn whether A is true. Its branch predictor guesses, based on how that branch went the last few times, and the CPU starts executing the guessed path immediately. If the guess was right it has a head start on what comes next; if it was wrong, the speculative results are thrown away and the correct path is executed instead. The same machinery predicts the targets of indirect branches, such as calls through function pointers or virtual method tables, from a history table keyed on branch addresses, and that indirect branch predictor is what Variant 2 (CVE-2017-5715) manipulates.
What is caching?
Caching is a technique used to speed up memory access. It takes a relatively long time for the CPU to fetch data from RAM, which lives on separate chips, so a small amount of very fast storage called the CPU cache lives on the processor itself. It holds data the chip has used recently or expects to need soon. What matters for our situation is that a memory line fetched during speculative execution stays in the cache even when the speculative work is later discarded; that is part of what makes speculation a speed booster, and it is also the trace the attacks rely on.
The problem arises when speculative execution and caching start interacting with protected memory.
What is protected memory?
Protected memory is one of the foundational concepts underlying computer security. In essence, no process on a computer should be able to access data unless it has permission to do so. This allows a program to keep some of its data private from some of its users and allows the operating system to prevent one program from seeing data belonging to another. In order to access data, a process needs to undergo a privilege check, which determines whether or not it’s allowed to see that data.
But a privilege check can take a (relatively) long time. So, and this is the key to the vulnerability we're discussing, while the CPU is waiting to find out whether the process is allowed to access that data, speculative execution lets it start working with the data before permission has been confirmed. In theory this is still secure, because the results of that speculative work are held in internal CPU state the process cannot read. The process isn't allowed to see them until it passes the privilege check, and if it fails the check the results are discarded.
The problem is that the discarded work leaves a trace. During the speculative window, the transient code can use the protected value, for example one secret byte, as an index into a large buffer the attacker controls, so that the byte's value decides which line of that buffer gets pulled into the CPU cache. The secret itself is never handed to the attacker, but the cache is not rolled back. The attacker then reads each line of its own buffer and times the access: one of them comes back much faster because it is already cached, and its position reveals the secret byte. Think of it as knocking on a row of boxes to hear which one is no longer hollow. Deducing data from which addresses are fast to reach, rather than from the data itself, is what's known as a side-channel attack.
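The bounds-check gadget below ties together the two mechanisms just described (the branch prediction from the speculative-execution section and the cache trace from the paragraph above). It is an added example, not code from the original post or from Intel; the memory layout (a 16-byte buffer followed directly by a "secret" string, and a 256 x 4096-byte probe array) and the function names are constructed for illustration. It shows the classic Spectre Variant 1 victim alongside a hardened version that uses a branchless index mask modelled on the Linux kernel's array_index_mask_nospec(), plus a small model of the mispredicted window that makes the difference visible without the cache-timing measurement, which is hardware- and timing-dependent and omitted here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed memory layout for the demo (an assumption, not a real program's layout):
 * array1 is the buffer the victim indexes with attacker-chosen x; the "secret" string is
 * placed immediately after its first 16 bytes, so any x >= ARRAY1_SIZE reaches it. */
#define ARRAY1_SIZE 16
static uint8_t array1[ARRAY1_SIZE + 48] = "0123456789ABCDEF" "The Magic Words are Squeamish Ossifrage";

/* Probe array: one 4096-byte stride per possible byte value, so each secret value maps to a
 * distinct cache line (and page) that an attacker could later time. */
#define STRIDE 4096
static uint8_t array2[256 * STRIDE];
static volatile uint8_t sink;

/* Spectre Variant 1 (CVE-2017-5753) gadget, exactly as a victim would write it. Architecturally
 * the bounds check is correct. But once the branch predictor has been trained with in-bounds x,
 * a call with out-of-bounds x is mispredicted as "in bounds": the CPU transiently loads array1[x]
 * (a secret byte) and touches array2[secret * STRIDE] before the misprediction is squashed,
 * leaving that line in the cache. */
void victim_vulnerable(size_t x)
{
    if (x < ARRAY1_SIZE)
        sink = array2[array1[x] * STRIDE];
}

/* Branchless clamp modelled on the Linux kernel's generic array_index_mask_nospec():
 * returns all-ones when index < size and zero otherwise. It is pure arithmetic, so the
 * result is right even on the speculative path, where the branch outcome is only a guess. */
size_t array_index_mask_nospec(size_t index, size_t size)
{
    intptr_t m;
#if defined(__GNUC__)
    /* Like the kernel's OPTIMIZER_HIDE_VAR: stop the compiler from reasoning about index
     * from the surrounding branch and folding the mask away. */
    __asm__("" : "+r"(index));
#endif
    /* If index < size, both index and (size - 1 - index) are non-negative as signed values,
     * so the OR has a clear sign bit; ~ sets it and the arithmetic shift smears it into -1.
     * If index >= size, (size - 1 - index) wraps negative, the sign bit is set, ~ clears it
     * and the shift yields 0. (Arithmetic right shift of a negative value is what gcc and
     * clang do; ISO C leaves it implementation-defined, which the kernel also accepts.) */
    m = ~(intptr_t)(index | (size - 1UL - index));
    return (size_t)(m >> (sizeof(intptr_t) * 8 - 1));
}

/* The hardened victim: after the check, the index is ANDed with the mask, so even a transient
 * run that wrongly takes the branch reads array1[0] instead of the secret. Variant 2
 * (CVE-2017-5715), which the Skylake microcode addresses, is not fixed by this pattern: it
 * needs IBRS/IBPB microcode support or retpoline-compiled code. */
void victim_hardened(size_t x)
{
    if (x < ARRAY1_SIZE) {
        x &= array_index_mask_nospec(x, ARRAY1_SIZE);
        sink = array2[array1[x] * STRIDE];
    }
}

/* Model of the mispredicted window for index x: which array2 line (value == line number)
 * would the transient load touch, with or without the hardening? On real hardware this
 * happens only transiently and is observable solely through cache timing; here it is
 * computed directly so the difference between the two victims is explicit. */
uint8_t transient_probe_line(size_t x, int hardened)
{
    if (hardened)
        x &= array_index_mask_nospec(x, ARRAY1_SIZE);
    return array1[x];
}

int main(void)
{
    size_t secret_index = ARRAY1_SIZE;   /* first byte past the bounds check: 'T' of "The" */
    printf("mask(5, 16)  = 0x%zx\n", array_index_mask_nospec(5, ARRAY1_SIZE));
    printf("mask(16, 16) = 0x%zx\n", array_index_mask_nospec(16, ARRAY1_SIZE));
    printf("transient line, vulnerable victim: '%c'\n", (char)transient_probe_line(secret_index, 0));
    printf("transient line, hardened victim:   '%c'\n", (char)transient_probe_line(secret_index, 1));
    victim_vulnerable(3);
    victim_hardened(3);
    return 0;
}
```

The vulnerable and hardened victims behave identically for every in-bounds index; the whole difference is what the CPU does in the window between guessing the branch and discovering the guess was wrong, and the mask closes that window for Variant 1 without adding a branch the predictor could mis-speculate over.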
What’s the difference between Spectre and Meltdown?
If you want a much more technical description of how Spectre and Meltdown work, you should check out the post on Google’s Project Zero site that was most of the world’s introduction to it. To keep it short and simple, both Spectre and Meltdown could allow potential attackers to get access to data they shouldn’t have access to using the techniques outlined above, but their effects are somewhat different:
Meltdown got its name because it "melts" security boundaries normally enforced by hardware. By exploiting Meltdown, an attacker can use an ordinary unprivileged program to read data from all over the machine that it should never see, including memory belonging to other programs and the kernel memory that only the operating system should touch. Meltdown doesn't require much knowledge of how any victim program works, but it is largely an Intel problem (AMD stated its processors are not affected; a few ARM cores are). It is a severe issue, but the operating-system fix, kernel page-table isolation (KPTI), is being rolled out.
Spectre comes in two variants. Variant 1 (CVE-2017-5753, bounds-check bypass) makes a program reveal data it holds, which can include other people's data that it handles, such as a browser's cookies for other sites. It requires intimate knowledge of the victim program's inner workings, and it affects just about every modern chip from Intel, AMD and ARM. Variant 2 (CVE-2017-5715, branch target injection) goes further: by poisoning the shared branch predictor, an attacker steers speculation inside another process, the kernel or the hypervisor and leaks across those boundaries, which is why it needs microcode support (the Skylake update this post is about) or recompiled code (retpolines) rather than a simple software patch. Spectre's name comes from speculative execution but also from the fact that it is much trickier to stop: patches are starting to become available, but other attacks in the same family will no doubt be discovered. That's the other reason for the name: Spectre will be haunting us for some time.
Why are Spectre and Meltdown dangerous?
Meltdown and Spectre both open up possibilities for dangerous attacks. For instance, JavaScript code on a website could use Spectre to trick a web browser into revealing user and password information. Attackers could exploit Meltdown to view data owned by other users and even other virtual servers hosted on the same hardware, which is potentially disastrous for cloud computing hosts.
But beyond the potential specific attacks themselves lies the fact that the flaws are fundamental to the hardware platforms running beneath the software we use every day. Even code that is formally secure as written turns out to be vulnerable because the assumptions underlying the security processes built into the code — indeed, built into all of the computer programming — have turned out to be false.
The mitigation for now is to wait for the stable updates and patch our systems as soon as they arrive.
“I can’t emphasize enough how critical it is for everyone to always keep their systems up-to-date,” wrote Navin Shenoy, executive veep and general manager of Intel’s data centre group, bemoaning the fact that punters are slow to install patches and criminals use that tardiness to do their worst.
Intel adopts Orwellian irony with call for fast Meltdown-Spectre action after slow patch delivery (The Register)
For now, have some code that won't crash Skylakes and stay close to your Telescreens. Intel's offered the world some helpful advice about how to handle the Meltdown and Spectre chip design flaws it foisted on the world…
The post Spectre security patch by Intel, currently only for Skylake chips appeared first on Safe Harbor on Cyber.