Šta je novo?

Meltdown / Spectre

MS ce objavljivati microcode kroz standalone update.
Lista procesora na koje se primenjuje microcode je ovde:
https://support.microsoft.com/en-us/help/4090007/intel-microcode-updates

Sam update:
https://www.catalog.update.microsoft.com/Search.aspx?q=KB4090007

Ovaj update se nece nuditi automatski.

Dokle je Intel stigao sa microcode update-ovima za procesore:
6. March 2018.

https://newsroom.intel.com/wp-content/uploads/sites/11/2018/03/microcode-update-guidance.pdf
Ako sam dobro razumeo, posto sam instalirao novi bios, ne treba da instaliram ovaj win10 update? A za i5 2400, koji mi je drugi cpu, posto za tu plocu nema bios-a, sta bih trebao instalirati?

Послато са Nexus 6P уз помоћ Тапатока
 
Sacekas da se pojavi Sandy Bridge u listi i onda instaliras standalone update.
 
E, tako. :D

Mišljenja sam da je bolji, jer se ažurira.

I još nešto, upotrebite InSpectre pre i posle zakrpe, bilo da je isporučena preko
mcupdate_GenuineIntel.dll
ili BIOS-a.

Čisto da uporedite, da li imate novi mikrokod ili ne.
 
BranchScope:

PDF

As predicted, more branch prediction processor attacks are discovered

12 Concluding Remarks
In this paper we presented BranchScope — a new microarchitectural side-channel attack that exploits directional branch predictor to leak secret data. We demonstrated the attack on recent Intel processors. Our results showed that secret bits can be recovered by the attacker with very low error rate and without the knowledge of the internal predictor organization. Therefore, researchers and system developers have to consider BranchScope as a new security threat while designing future systems. We proposed several countermeasures to protect future systems from BranchScope.

The researchers looked only at Intel processors, using the attacks to leak information protected using Intel's SGX (Software Guard Extensions), a feature found on certain chips to carve out small sections of encrypted code and data such that even the operating system (or virtualization software) cannot access it. They also described ways the attack could be used against address space layout randomization and to infer data in encryption and image libraries.
 
Intel: No Microcode Updates for some older CPUs

Lista procesora koji će izvisiti za (dalji) MCU (microcode update):

- Bloomfield
- Bloomfield Xeon
- Clarksfield
- Gulftown
- Harpertown Xeon C0
- Harpertown Xeon E0
- Jasper Forest
- Penryn/QC
- SoFIA 3GR
- Wolfdale C0
- Wolfdale M0
- Wolfdale E0
- Wolfdale R0
- Wolfdale Xeon C0
- Wolfdale Xeon E0
- Yorkfield
- Yorkfield Xeon
 
Poslednja izmena:
Ako moze pomoc, imam Windows 7 64bit i gde mogu da nadjem Microcode za i7 3770 procesor? Kad odem na ark.intel pise da ima Microcode samo za Linux a kad odem na sajt Asusa za moj model poslednji BIOS je iz 2014. godine cak i za Windows 10. Kada ukljucim InSpectre sto je CountMike postavio iznad pise mi Microcode Update Available: YES. U InSpectru ako dobro razumem pise da moze da se resi sa Windows update KB4090007 ali ja kad odem tamo update ima samo za Windows 10. Da li neko zna kako da resim to?
 
Eight new Spectre Variant Vulnerabilities for Intel Discovered - four of them critical

Malo šale:
z8GhdgM.png
 
Poslednja izmena:
Ne baš, biće još zakrpa. :D
 
Poslednja izmena:
New Spectre-like attack uses speculative execution to overflow buffers

This speculative execution can even do other things that wouldn't be allowed: for example, Intel processors allow speculative writes to be made to read-only memory, giving even more power to an attacker. This has some similarity to the Meltdown attack; Intel and certain ARM processors (though not AMD chips) will allow user-mode programs to speculatively read kernel-mode memory because of the way the processors defer checking whether the access is permitted. It turns out that they also defer checking whether a write is permitted, too.
 
Ja sam mislio da samo naši pravnici proizvode besmislice ali ovo je suludo. Da li je ovo uopšte pravno obavezujuće?
 
Pravo je pitanje, da li je ovo legalno uopšte?
 
JayzTwoCents: https://twitter.com/JayzTwoCents/status/1032657584048627712

JayzTwoCents
‏Verified account @JayzTwoCents

Fun fact about Spectre/Meltdown slowdowns that Intel has tried to cover up. Skunkworks on its 6950X at 4.4GHz scores higher PC Marks on Win 8.1 than my 7900X at 4.7GHz does in windows 10 with patches, same memory and speed too. So we DO know the CPUs with patches have slowed down
 
Poslednja izmena:
Nazad
Vrh Dno