Massive security failure found in Intel processor



Thursday, 4 January 2018


Almost all Intel processors manufactured in the last decade contain a major security flaw that could be exploited in severe attacks. If that's not bad enough, patching the problem could affect a CPU's performance by up to 35 percent.

Machines running patched Intel processors will run more slowly.
The exact details of the vulnerability in these Intel processors are being withheld to give Intel time to work on a solution. According to The Register, the flaw could allow normal user programs to see part of the content of protected kernel memory areas, which means that any malicious program might be able to read information such as passwords, files cached from disk and more.

"Imagine JavaScript running in a browser, or malicious software running on a server in a shared public cloud, capable of sniffing sensitive data from the sensitive kernel," The Register wrote.

Because the problem lies within the Intel x86-64 hardware itself, it cannot be solved with a microcode update; instead, a fix is required at the level of the affected operating systems, which include Windows, Linux and macOS.

The immediate solution comes in the form of kernel page table isolation (PTI), which separates kernel memory from user processes. But this solution increases kernel overhead, causing the system to slow down by between 5 and 30 percent, "depending on the task and the model of the processor."

These KPTI [Kernel Page Table Isolation] patches move the kernel to an address space completely separate from the running process. There is clearly a flaw in Intel's silicon that allows kernel access protections to be bypassed in some way.

The disadvantage of this separation is that it is relatively costly, in terms of time, to switch between two separate address spaces for each system call and for each hardware interrupt. These context switches do not happen instantly, and they force the processor to dump cached data and reload information from memory. This increases kernel overhead and slows down the computer.
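To check whether the page table isolation patch described above is active on a Linux machine, the following added example (not part of the original article) classifies a host from three kernel interfaces. It assumes Linux 4.15 or later for the sysfs file; the paths and the `pti` and `cpu_meltdown` tokens are Linux's own names, while the function names and sample inputs are constructed here.

```python
"""Report whether kernel page table isolation (PTI) is active on a Linux host."""
from pathlib import Path

# Real Linux interfaces; none of them is named in the article itself.
SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/meltdown")
CPUINFO = Path("/proc/cpuinfo")
CMDLINE = Path("/proc/cmdline")
DISABLING_ARGS = {"nopti", "pti=off", "mitigations=off"}  # boot options that turn PTI off

# Constructed sample inputs (sysfs, cpuinfo, cmdline); not captured from real machines.
SAMPLE_PATCHED = ("Mitigation: PTI\n", "flags\t\t: fpu vme pti\nbugs\t\t: cpu_meltdown\n", "ro quiet")
SAMPLE_DISABLED = ("Vulnerable\n", "flags\t\t: fpu vme\nbugs\t\t: cpu_meltdown\n", "ro quiet nopti")
SAMPLE_AMD = ("Not affected\n", "flags\t\t: fpu vme\nbugs\t\t: spectre_v1\n", "ro quiet")


def cpuinfo_field(cpuinfo: str, key: str) -> set:
    """Return the space-separated tokens of the first `key : ...` line."""
    for line in cpuinfo.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip() == key:
            return set(value.split())
    return set()


def pti_status(sysfs: str, cpuinfo: str, cmdline: str) -> str:
    """Classify a host as not-affected, mitigated, vulnerable or unknown."""
    disabled = sorted(DISABLING_ARGS & set(cmdline.split()))
    verdict = sysfs.strip()
    if verdict.startswith("Not affected"):
        return "not-affected"
    # Kernels with a backported patch may lack the sysfs file but still set the pti flag.
    if verdict.startswith("Mitigation: PTI") or (
            not verdict and "pti" in cpuinfo_field(cpuinfo, "flags")):
        return "mitigated"
    if verdict.startswith("Vulnerable") or "cpu_meltdown" in cpuinfo_field(cpuinfo, "bugs"):
        return "vulnerable" + (f" (disabled by {', '.join(disabled)})" if disabled else "")
    return "unknown"  # kernel reports nothing: too old to report, treat as unpatched


def read(path: Path) -> str:
    """Read a kernel interface file, returning '' when it does not exist."""
    try:
        return path.read_text()
    except OSError:
        return ""


if __name__ == "__main__":
    print(pti_status(read(SYSFS), read(CPUINFO), read(CMDLINE)))
```

A result of `unknown` on an Intel machine usually means the kernel predates the patch and should be updated.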

It seems that companies that use virtualized environments are the prime targets for those seeking to exploit the vulnerability. There are indications that the attack affects the most common virtualization environments, such as Amazon EC2 and Google Compute Engine. Microsoft, Amazon and Google are now working on fixes that will be deployed during the next week.

For everyday users, the patches may not have much impact on the daily use and speed of their PCs; furthermore, future fixes should have less effect on performance.

Intel's rival, AMD, has already used the vulnerability as a way to promote its processors, which it says are not affected thanks to their additional security protections.

"AMD processors are not subject to the types of attacks against which the kernel page table isolation feature protects," wrote Thomas Lendacky, a member of AMD's Linux OS group. "AMD microarchitecture does not allow memory references, including speculative references, that access higher level data when running in a lower level mode, when that access results in a page fault."
