![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
erek
[H]F Junkie
- Joined
- Dec 19, 2005
- Messages
- 10,891
Thanks to KarateBob for this tip!
"The microcode update fixing this bug locks the entire memory bus before updating the staging buffer and unlocks it only after clearing its content. The strategy behind this change is to ensure no information is exposed to offcore requests made by other CPU cores. Intel is applying the changes only to a select number of security-critical instructions, including RDRAND, RDSEED, and EGETKEY. The researchers say the fix means that output from any other instruction, such as WRMSR, can still be leaked across CPU cores.
The takeaway for most users of Intel CPUs is that the vulnerabilities being fixed in the coming weeks could be serious in coming years, but they don’t represent an immediate threat. Risks could be higher in cloud environments that share the same CPU among unrelated customers, but even in these environments there are things skilled engineers can do to mitigate attacks.
The larger conclusion from this latest volley of attacks is that the exploits besieging Intel aren’t likely to abate any time soon. With a disproportionate number of vulnerabilities being reported in Intel CPUs, relative to AMD and ARM processors, it’s incumbent on the world’s largest chipmaker to devise a secure development lifecycle that will guide its long-term path."
https://arstechnica.com/information...to-keys-and-more-from-intels-ultrasecure-sgx/
"The microcode update fixing this bug locks the entire memory bus before updating the staging buffer and unlocks it only after clearing its content. The strategy behind this change is to ensure no information is exposed to offcore requests made by other CPU cores. Intel is applying the changes only to a select number of security-critical instructions, including RDRAND, RDSEED, and EGETKEY. The researchers say the fix means that output from any other instruction, such as WRMSR, can still be leaked across CPU cores.
The takeaway for most users of Intel CPUs is that the vulnerabilities being fixed in the coming weeks could be serious in coming years, but they don’t represent an immediate threat. Risks could be higher in cloud environments that share the same CPU among unrelated customers, but even in these environments there are things skilled engineers can do to mitigate attacks.
The larger conclusion from this latest volley of attacks is that the exploits besieging Intel aren’t likely to abate any time soon. With a disproportionate number of vulnerabilities being reported in Intel CPUs, relative to AMD and ARM processors, it’s incumbent on the world’s largest chipmaker to devise a secure development lifecycle that will guide its long-term path."
https://arstechnica.com/information...to-keys-and-more-from-intels-ultrasecure-sgx/
