How to check if your Windows or Linux system is vulnerable to Microarchitectural Data Sampling (MDS) attacks

Intel yesterday disclosed a new group of Microarchitectural Data Sampling (MDS) hardware vulnerabilities that affect its CPUs. Rogue In-Flight Data Load (RIDL), Fallout, and ZombieLoad speculative execution attacks are related to Spectre and Meltdown which were discovered last year, and allow attackers to leak in-flight data from CPU-internal buffers (Line Fill Buffers, Load Ports, Store Buffers), including data never stored in CPU caches. SEE ALSO: Microsoft issues new patch for Windows XP to fight a dangerous ‘wormable’ vulnerability You can find out more about the various vulnerabilities at CPU.fail. The problem affects all modern Intel CPUs across servers, desktops and… [Continue Reading]


Original URL: https://betanews.com/2019/05/15/check-if-vulnerable-to-microarchitectural-data-sampling-mds-attacks/

Original article

Intel Says It Will Stop Developing Compute Cards

Intel will not develop new Compute Cards, the company said this week. From a report: Compute Cards were Intel’s vision of modular computing that would allow customers to continually update point of sale systems, all-in-one desktops, laptops and other devices. Pull out one card, replace it with another, and you have a new CPU, plus RAM and storage. “We continue to believe modular computing is a market where there are many opportunities for innovation,” an Intel spokesperson told Tom’s Hardware. “However, as we look at the best way to address this opportunity, we’ve made the decision that we will not develop new Compute Card products moving forward. We will continue to sell and support the current Compute Card products through 2019 to ensure our customers receive the support they need with their current solutions, and we are thankful for their partnership on this change.”

Read more of this story at Slashdot.


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/N9MyCKjXHaA/intel-says-it-will-stop-developing-compute-cards

Original article

Two Linux Kernels Revert Performance-Killing Spectre Patches

Friday Greg Kroah-Hartman released stable point releases of Linux kernel 4.19.4, as well as 4.14.83 and 4.9.139. While they were basic maintenance updates, the 4.19.4 and 4.14.83 releases are significant because they also reverted the performance-killing Spectre patches (involving “Single Thread Indirect Branch Predictors”, or STIBP) that had been back-ported from Linux 4.20, according to Phoronix:

There is improved STIBP code on the way for Linux 4.20 that by default just applies STIBP to SECCOMP threads and processes requesting it via prctl() but otherwise is off by default (that behavior can also be changed via kernel parameters). Once that code is ready to go for Linux 4.20, we may see it then back-ported to these stable trees.
Aside from reverting STIBP, these point releases just have various fixes in them as noted for 4.19.4, 4.14.83, and 4.9.139.
Last Sunday Linus Torvalds complained that the performance impact of the STIPB


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/ePv4_iFWvy0/two-linux-kernels-revert-performance-killing-spectre-patches

Original article

Report: Intel is cancelling its 10nm process. Intel: No, we’re not

Media reports published today that Intel is ending work on the 10nm process are untrue. We are making good progress on 10nm. Yields are improving consistent with the timeline we shared during our last earnings report.
— Intel News (@intelnews) October 22, 2018

Earlier today, it was reported that Intel is cancelling its troublesome 10nm manufacturing process. In an unusual response, the company has tweeted an official denial of the claims.
Development of Intel’s 10nm process has been difficult. Intel was very ambitious with its 10nm process—planning to increase the transistor density by something like 2.7 times—and wanted to use a number of exotic technologies to get there. It turned out that the company had bitten off more than it could chew: yields were very low, which is to say that most of the chips being manufactured were defective.
In a bid to recover, Intel is now striving for a less ambitious scaling (though


Original URL: https://arstechnica.com/?p=1397927

Original article

Intel Has Killed off the 10nm Process, Report Says

Charlie Demerjian, reporting for SemiAccurate: SemiAccurate has learned that Intel just pulled the plug on their struggling 10nm process. Before you jump to conclusions, we think this is both the right thing to do and a good thing for the company. For several years now SemiAccurate has been saying the the 10nm process as proposed by Intel would never be financially viable. Now we are hearing from trusted moles that the process is indeed dead and that is a good thing for Intel, if they had continued along their current path the disaster would have been untenable. Our moles are saying the deed has finally been done. This isn’t to say the road to this point has been easy or straightforward, and the road ahead is even less solid. Intel has continually moved the public bar on 10nm back, incrementally, while singing a different song internally. In their Q1/2018 earnings


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/lClC5G1pWlY/intel-has-killed-off-the-10nm-process-report-says

Original article

Spectre and Meltdown variant 4: Microsoft, Google and Intel reveal new Speculative Store Bypass chip vulnerability

Just when you thought you could forget about the Spectre and Meltdown chip vulnerabilities, yet another variant has been discovered. Known as Speculative Store Bypass, the vulnerability affects chips from AMD and Intel, as well as Power 8, Power 9 and System z processors. The vulnerability has been assigned CVE-2018-3639, and successful exploitation would mean that an attacker could gain access to data. The attack can be carried out through a “language-based runtime environment” such as JavaScript. Some patches exist while others are in development, and they include the same performance hit associated with patches for the previous vulnerabilities. See… [Continue Reading]


Original URL: https://betanews.com/2018/05/22/speculative-store-bypass-variant-4-vulnerability/

Original article

Intel Replaces its Buggy Fix for Skylake PCs

Intel has released new microcode to address the stability and reboot issues on systems after installing its initial mitigations for Variant 2 of the Meltdown and Spectre attacks. From a report: The stability issues caused by Intel’s microcode updates resulted in Lenovo, HP, and Dell halting their deployment of BIOS updates last month as Intel worked to resolve the problems. Intel initially said unexpected reboots were only seen on Broadwell and Haswell chips, but later admitted newer Skylake architecture chips were also affected. Microsoft also said it had also seen Intel’s updates cause data loss or corruption in some cases.

Read more of this story at Slashdot.


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/WAuE8IgN0Nw/intel-replaces-its-buggy-fix-for-skylake-pcs

Original article

Intel releases updated Spectre and Meltdown patches for Skylake systems

It may have been a while since there was major news about the Spectre and Meltdown bugs, but the problems have not gone away. After previously releasing unstable patches, Intel has now launched a microcode update for Skylake systems. Despite the problems with both stability and performance with Spectre and Meltdown patches, Intel uses an announcement about the latest updates to stress the importance of installing patches in a timely fashion. There’s more than a hint of irony in the fact that Intel had to tell users to stop using an earlier update because of the problems it was causing.… [Continue Reading]


Original URL: https://betanews.com/2018/02/08/intel-spectre-meltdown-patch-skylake/

Original article

Microsoft Issues Windows Out-of-Band Update That Disables Spectre Mitigations

An anonymous reader quotes BleepingComputer: Microsoft has issued on Saturday an emergency out-of-band Windows update that disables patches for the Spectre Variant 2 bug (CVE-2017-5715). The update — KB4078130 — targets Windows 7 (SP1), Windows 8.1, all versions of Windows 10, and all supported Windows Server distributions. Microsoft shipped mitigations for the Meltdown and Spectre bugs on January 3. The company said it decided to disable mitigations for the Spectre Variant 2 bug after Intel publicly admitted that the microcode updates it developed for this bug caused “higher than expected reboots and other unpredictable system behavior” that led to “data loss or corruption.” HP, Dell, and Red Hat took previous steps during the past week.

“We are also offering a new option — available for advanced users on impacted devices — to manually disable and enable the mitigation against Spectre Variant 2 (CVE 2017-5715) independently via registry setting changes…” Microsoft


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/tKE_iru7OBM/microsoft-issues-windows-out-of-band-update-that-disables-spectre-mitigations

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: