Take a look at our
ThinkPads.com HOME PAGE
For those who might want to contribute to the blog, start here: Editors Alley Topic
Then contact Bill with a Private Message
ThinkPads.com HOME PAGE
For those who might want to contribute to the blog, start here: Editors Alley Topic
Then contact Bill with a Private Message
'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
https://www.theregister.co.uk/2018/01/0 ... sign_flaw/
A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.
Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model.
ADMIN EDIT:
Intel: Stop firmware patching until further notice
January 23, 2018
A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.
Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model.
ADMIN EDIT:
Intel: Stop firmware patching until further notice
January 23, 2018
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
-
- Senior ThinkPadder
- Posts: 2235
- Joined: Thu Jul 30, 2015 11:29 pm
- Location: Boston, Massachusetts
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Speculative execution is a feature on Intel CPUs as early as the Pentium III. (maybe earlier)
AMD processors do not have this security flaw however the OS patches will indiscriminately affect both Intel and AMD computers.
AMD processors do not have this security flaw however the OS patches will indiscriminately affect both Intel and AMD computers.
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Microsoft issues emergency Windows update for processor security bugs
Microsoft is issuing a rare out-of-band security update to supported versions of Windows today. The software update is part of a number of fixes that will protect against a newly-discovered processor bug in Intel, AMD, and ARM chipsets. Sources familiar with Microsoft’s plans tell The Verge that the company will issue a Windows update that will be automatically applied to Windows 10 machines at 5PM ET / 2PM PT today.
Microsoft is issuing a rare out-of-band security update to supported versions of Windows today. The software update is part of a number of fixes that will protect against a newly-discovered processor bug in Intel, AMD, and ARM chipsets. Sources familiar with Microsoft’s plans tell The Verge that the company will issue a Windows update that will be automatically applied to Windows 10 machines at 5PM ET / 2PM PT today.
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Seems like disabling Javascript for everything except trusted sites wasn't a bad idea.
Active --- Love the X series
X301 W 7/Mint | X201 540M L Mint | X220 2520 W7/Mint
Nostalgia
X61 T7500 / T41 T42 T43 / A31
Rogue daily driver - Samsung RV511 15.6 " Screen - W 7
X301 W 7/Mint | X201 540M L Mint | X220 2520 W7/Mint
Nostalgia
X61 T7500 / T41 T42 T43 / A31
Rogue daily driver - Samsung RV511 15.6 " Screen - W 7
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Assuming the cited performance drops are really across the board, one has to wonder whether this terrible flaw, which evidently has been around for almost 2 decades without being exploited, is worth patching.
Given the state of panic everyone seems to be in, I would assume that there must be some really easy ways to exploit the flaw, and the only reason it hasn't been so far is that no one really realized it?
Given the state of panic everyone seems to be in, I would assume that there must be some really easy ways to exploit the flaw, and the only reason it hasn't been so far is that no one really realized it?
Thinkpad 25 (20K7), T490 (20N3), Yoga 14 (20FY), T430s (IPS FHD + Classic Keyboard), X220 4291-4BG
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
There are two different issues Meltdown and Spectre https://meltdownattack.com/ Meltdown can be exploited by any javascript kiddie on Intel CPUs while Spectre is harder to exploit, but almost impossible to fix without changes in hardware design and affects all Intel/AMD/ARM architectures.
The root cause is always the same, maximum performance vs security
Last edited by Puppy on Thu Jan 04, 2018 4:02 am, edited 1 time in total.
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Yes, time to install the pesky NoScript addon for a while
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
-
- Admin Emeritus
- Posts: 23825
- Joined: Mon Sep 18, 2006 5:17 am
- Location: Loch Garman, Éire
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Methinks that people who work on "secret" stuff shouldn't go online with such a machine to begin with!
Problem solved (for them).
Problem solved (for them).
Lovely day for a Guinness! (The Real Black Stuff)
Lenovo: X240, X250, T440p, T480, M900 Tiny.
PS: the old Boardroom website is still available on the Wayback Machine.
Lenovo: X240, X250, T440p, T480, M900 Tiny.
PS: the old Boardroom website is still available on the Wayback Machine.
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Reports are that Academia and Google discovered the exploit.
Could this have been the partnership between IBM (Watson) and Google? Academia is a bit too obscure and general IMO.
Could this have been the partnership between IBM (Watson) and Google? Academia is a bit too obscure and general IMO.
Active --- Love the X series
X301 W 7/Mint | X201 540M L Mint | X220 2520 W7/Mint
Nostalgia
X61 T7500 / T41 T42 T43 / A31
Rogue daily driver - Samsung RV511 15.6 " Screen - W 7
X301 W 7/Mint | X201 540M L Mint | X220 2520 W7/Mint
Nostalgia
X61 T7500 / T41 T42 T43 / A31
Rogue daily driver - Samsung RV511 15.6 " Screen - W 7
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Nothing can be more untrustworthy than Google (or Facebook). The page https://meltdownattack.com/ credits more sources that independently discovered the issue. For me, the Rambus source makes the most sense.
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
More info regarding possible JavaScript attack in browsers
Firefox 57: https://blog.mozilla.org/security/2018/ ... ng-attack/
IE11/Edge: https://blogs.windows.com/msedgedev/201 ... -explorer/
Firefox 57: https://blog.mozilla.org/security/2018/ ... ng-attack/
IE11/Edge: https://blogs.windows.com/msedgedev/201 ... -explorer/
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Finding an exploit that arguably affects all computer hardware which can only be fixed by slowing down that hardware is potentially a huge boost to the computer industry.
Apple eat your heart out this is how it is done.
I wonder if the update to Windows 7 will be as efficient as the Windows 10 update.
Apple eat your heart out this is how it is done.
I wonder if the update to Windows 7 will be as efficient as the Windows 10 update.
Active --- Love the X series
X301 W 7/Mint | X201 540M L Mint | X220 2520 W7/Mint
Nostalgia
X61 T7500 / T41 T42 T43 / A31
Rogue daily driver - Samsung RV511 15.6 " Screen - W 7
X301 W 7/Mint | X201 540M L Mint | X220 2520 W7/Mint
Nostalgia
X61 T7500 / T41 T42 T43 / A31
Rogue daily driver - Samsung RV511 15.6 " Screen - W 7
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Some sources indicates the bug is already being exploited on web sites.
Video demonstration of the issue https://twitter.com/misc0110/status/948706387491786752
Video demonstration of the issue https://twitter.com/misc0110/status/948706387491786752
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Yeah, but specifics matter. How easy is it to craft an exploit? How easy is it to get practical information from it? Does it require an unusual set of circumstances to get anything rather than random garbage? If you have a malicious program hunting for leaked data - what are the odds of finding something valuable? 1 in 1? 1 in 100? 1 in 1,000,000? How much a performance hit are you going to take by patching against this behavior? 5% 10% 50%? Across the board or in specific workflows? etc, etc.
These questions are not easy to answer, and it seems that these days every darn click-bait site is oh-so-happy to publish any amount of FUD and make users think that if they don't apply every freaking patch the second it's out, then they might just as well broadcast their social security numbers and the code to their household safe on national television.
My understanding is that these new exploits (well, not really new, just newly discussed) are considered especially bad because they break the user-space / kernel-space separation and allow a user-level process to obtain kernel-level data without seemingly doing anything "wrong". So of course it's "horrible". However, given how easy it is to get naive folks to install a kernel-mode rootkit without noticing, and how many "privilege escalation" exploits have been published over the years that simply elevate malicious processes to root/system level where they can do anything anyways, is this new one really so much worse than all the others? Especially given that to date no one seems to know of a single in-the-wild abuse case.
Thinkpad 25 (20K7), T490 (20N3), Yoga 14 (20FY), T430s (IPS FHD + Classic Keyboard), X220 4291-4BG
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Check the twitter link in my last reply.
I understand you but most of these privilege escalation bugs gets fixed soon or later (and technologies like ASLR can partially prevent them) so it is hard to exploit them because there is limited time span an attacker can do that and it is CPU architecture specific. These two are much more serious. The Meltdown probably can be fixed but the performance penalty is rather unknown yet. Many users will start panic and try to skip the update so we will have many vulnerable machines that can be used as 'zombie machines' by attackers. The Spectre is probably the most interesting vulnerability for attackers because is OS a CPU architecture agnostic thus it makes sense to try to exploit it since there is no real fix.dr_st wrote: ↑Thu Jan 04, 2018 12:07 pmMy understanding is that these new exploits (well, not really new, just newly discussed) are considered especially bad because they break the user-space / kernel-space separation and allow a user-level process to obtain kernel-level data without seemingly doing anything "wrong". So of course it's "horrible". However, given how easy it is to get naive folks to install a kernel-mode rootkit without noticing, and how many "privilege escalation" exploits have been published over the years that simply elevate malicious processes to root/system level where they can do anything anyways, is this new one really so much worse than all the others? Especially given that to date no one seems to know of a single in-the-wild abuse case.
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
-
- Senior Member
- Posts: 817
- Joined: Fri Oct 17, 2014 8:13 pm
- Location: kingston, ontario, Canada
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Update, there is article at anandtech on this processor attack. This is not even includes as way back as 1st gen i core series, problem does extend back to 1995 era processors as well. The true fix will be in future new processors. For time being the fix is OS themselves needs to be patched and problem is this does not include XP and any older OSes support is in question except current versions of OSes get the fixes. The problem is widespread and I did not mean just windows, all OSes on any processors in use worldwide. In nutshell this is serious. Impact of performance is unknown but everyone is working on measuring the impact of performance with the patch applied.
Cheers, thinkpadcollection
Cheers, thinkpadcollection
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
I still run R51 with the XP patches POS trick, let's see whether there is the update available or not.thinkpadcollection wrote: ↑Thu Jan 04, 2018 2:52 pmneeds to be patched and problem is this does not include XP
It is also unknown how it affects virtualization (VirtualBox) that is very important for me.
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Intel was aware of the chip vulnerability when its CEO sold off $24 million in company stock
https://www.businessinsider.com.au/inte ... law-2018-1
https://www.businessinsider.com.au/inte ... law-2018-1
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
-
- Senior ThinkPadder
- Posts: 2235
- Joined: Thu Jul 30, 2015 11:29 pm
- Location: Boston, Massachusetts
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Windows 10 patches:
http://www.catalog.update.microsoft.com ... =KB4056892
Windows 8.1 patches:
http://www.catalog.update.microsoft.com ... =KB4056898
Windows 7 patches:
http://www.catalog.update.microsoft.com ... =KB4056897
Having installed the Windows 7 x64 patch on my T500 I don't notice any difference in performance.
http://www.catalog.update.microsoft.com ... =KB4056892
Windows 8.1 patches:
http://www.catalog.update.microsoft.com ... =KB4056898
Windows 7 patches:
http://www.catalog.update.microsoft.com ... =KB4056897
Having installed the Windows 7 x64 patch on my T500 I don't notice any difference in performance.
Last edited by TPFanatic on Thu Jan 04, 2018 11:14 pm, edited 1 time in total.
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
The Windows Update Catalog site seems to be under high load and down.
EDIT, if you change the links to https://..., it works
There is another one for IE11/Edge https://portal.msrc.microsoft.com/en-US ... /ADV180002
EDIT, if you change the links to https://..., it works
There is another one for IE11/Edge https://portal.msrc.microsoft.com/en-US ... /ADV180002
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
BTW VirtualBox forum pointed to this article http://pythonsweetness.tumblr.com/post/ ... page-table that links another one https://arxiv.org/abs/1710.00551 stating the Rowhammer DRAM bug is still possible to exploit. It looks like 2018 is year of vulnerabilities.
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
It makes you wonder how many more "Exploits" did Edward Snowden forward on to Project Zero
Intel will need to design some new backdoors for the NSA
Intel will need to design some new backdoors for the NSA
Active --- Love the X series
X301 W 7/Mint | X201 540M L Mint | X220 2520 W7/Mint
Nostalgia
X61 T7500 / T41 T42 T43 / A31
Rogue daily driver - Samsung RV511 15.6 " Screen - W 7
X301 W 7/Mint | X201 540M L Mint | X220 2520 W7/Mint
Nostalgia
X61 T7500 / T41 T42 T43 / A31
Rogue daily driver - Samsung RV511 15.6 " Screen - W 7
-
- Senior ThinkPadder
- Posts: 2235
- Joined: Thu Jul 30, 2015 11:29 pm
- Location: Boston, Massachusetts
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Suremost way to secure your computer:
-
- Senior Member
- Posts: 817
- Joined: Fri Oct 17, 2014 8:13 pm
- Location: kingston, ontario, Canada
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Intel and hammer is immature but funny, but get serious. I did not specify which processors, how to get to the computer by any means in question is immaterial, this problem lies in speculative execution that nearly 90% of processors out there supports this and this is done mostly in software as well as hardware in some way. This include POWER, ARM, Intel, AMD (currently via Spectre attack), etc.
Despite the articles on Meltdown and Spectre both requires direct access to the computer itself to pry data from processor via speculative execution attack. Yet not only way by direct access in person there is other way I knew all you do is begin that by drive by attack. In order to do this via drive by download attack to drop this speculative execution attack payload in place and execute that and use other payloads to gather up the information gleaned from this speculative execution attack in this fashion.
Project Zero is Google's arm in their one of their many departments, also not only one, other teams from other industries are working together on this as well. Frankly, I do not like NDA especially how processor makers wanted to keep lid on more details till this 9th of Jan, 2018. Because of this my comment stems from speculative execution attack methods was found out last summer of 2017.
Cheers, thinkpadcollection
Despite the articles on Meltdown and Spectre both requires direct access to the computer itself to pry data from processor via speculative execution attack. Yet not only way by direct access in person there is other way I knew all you do is begin that by drive by attack. In order to do this via drive by download attack to drop this speculative execution attack payload in place and execute that and use other payloads to gather up the information gleaned from this speculative execution attack in this fashion.
Project Zero is Google's arm in their one of their many departments, also not only one, other teams from other industries are working together on this as well. Frankly, I do not like NDA especially how processor makers wanted to keep lid on more details till this 9th of Jan, 2018. Because of this my comment stems from speculative execution attack methods was found out last summer of 2017.
Cheers, thinkpadcollection
-
- Senior ThinkPadder
- Posts: 2235
- Joined: Thu Jul 30, 2015 11:29 pm
- Location: Boston, Massachusetts
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
The wireless card is supposed to symbolize a wireless card.
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Firefox 57.0.4 update https://www.mozilla.org/en-US/security/ ... sa2018-01/
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
The "Telstra ADSL" joke never gets old.
Thinkpad 25 (20K7), T490 (20N3), Yoga 14 (20FY), T430s (IPS FHD + Classic Keyboard), X220 4291-4BG
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
There will not be patch for Intel 2nd Gen CPUs in .20 ThinkPad series https://support.lenovo.com/cz/cs/solutions/len-18282
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Good. I wish someone comes up with an easy way to fully reject the OS patches as well.
Thinkpad 25 (20K7), T490 (20N3), Yoga 14 (20FY), T430s (IPS FHD + Classic Keyboard), X220 4291-4BG
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad
-
- Senior ThinkPadder
- Posts: 2821
- Joined: Sat Oct 30, 2004 4:52 am
- Location: Prague, Czech Republic
Re: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Why? The real performance impact is close to zero but the risk of these vulnerabilities is too high.
ThinkPad (1992 - 2012): R51, X31, X220
Huawei MateBook 13
Huawei MateBook 13
-
- Similar Topics
- Replies
- Views
- Last post
-
-
is it a design flaw for power switch to be part of keyboard?
by thisway » Fri Dec 29, 2023 11:06 am » in ThinkPad T400/T410/T420 and T500/T510/T520 Series - 2 Replies
- 18141 Views
-
Last post by dr_st
Sat Dec 30, 2023 6:31 am
-
-
-
Windows 11 Support on AMD A9 processor?
by ThinkPad560X » Tue Apr 02, 2024 12:14 pm » in Off-Topic Stuff - 7 Replies
- 414 Views
-
Last post by mikemex
Thu Apr 04, 2024 2:03 am
-
-
-
updating T480 bios without Windows (I use Linux)
by redglow » Fri Nov 03, 2023 3:15 am » in ThinkPad T430-T490 / T530-T590 Series - 25 Replies
- 30441 Views
-
Last post by redglow
Tue Nov 14, 2023 1:00 pm
-
-
-
thinkpad t440p Linux trackpad + trackpoint not working.
by jaggreaney » Thu Nov 09, 2023 2:54 pm » in ThinkPad T430-T490 / T530-T590 Series - 1 Replies
- 2801 Views
-
Last post by RealBlackStuff
Thu Nov 09, 2023 11:48 pm
-
Who is online
Users browsing this forum: No registered users and 16 guests