• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Home
  • About Us
  • Contact Us

iHash

News and How to's

  • The 2022 Ultimate Ethical Hacker Training Bundle for $39

    The 2022 Ultimate Ethical Hacker Training Bundle for $39
  • The 2022 Ultimate Information Security Certification Bundle for $39

    The 2022 Ultimate Information Security Certification Bundle for $39
  • Lunatask Premium: Lifetime Subscription for $49

    Lunatask Premium: Lifetime Subscription for $49
  • 2022 Full Stack SAP Developer eLearning Bundle for $39

    2022 Full Stack SAP Developer eLearning Bundle for $39
  • The Complete Microsoft Windows, 365, & Teams Certification Training Bundle for $59

    The Complete Microsoft Windows, 365, & Teams Certification Training Bundle for $59
  • News
    • Rumor
    • Design
    • Concept
    • WWDC
    • Security
    • BigData
  • Apps
    • Free Apps
    • OS X
    • iOS
    • iTunes
      • Music
      • Movie
      • Books
  • How to
    • OS X
      • OS X Mavericks
      • OS X Yosemite
      • Where Download OS X 10.9 Mavericks
    • iOS
      • iOS 7
      • iOS 8
      • iPhone Firmware
      • iPad Firmware
      • iPod touch
      • AppleTV Firmware
      • Where Download iOS 7 Beta
      • Jailbreak News
      • iOS 8 Beta/GM Download Links (mega links) and How to Upgrade
      • iPhone Recovery Mode
      • iPhone DFU Mode
      • How to Upgrade iOS 6 to iOS 7
      • How To Downgrade From iOS 7 Beta to iOS 6
    • Other
      • Disable Apple Remote Control
      • Pair Apple Remote Control
      • Unpair Apple Remote Control
  • Special Offers
  • Contact us

New Class of CPU Flaws Affect Almost Every Intel Processor Since 2011

May 14, 2019 by iHash Leave a Comment

intel processor vulnerability

Academic researchers today disclosed details of the newest class of speculative execution side-channel vulnerabilities in Intel processors that impacts all modern chips, including the chips used in Apple devices.

After the discovery of Spectre and Meltdown processor vulnerabilities earlier last year that put practically every computer in the world at risk, different classes of Spectre and Meltdown variations surfaced again and again.

Now, a team of security researchers from multiple universities and security firms has discovered different but more dangerous speculative execution side-channel vulnerabilities in Intel CPUs.

The newly discovered flaws could allow attackers to directly steal user-level, as well as system-level secrets from CPU buffers, including user keys, passwords, and disk encryption keys.

Speculative execution is a core component of modern processors design that speculatively executes instructions based on assumptions that are considered likely to be true. If the assumptions come out to be valid, the execution continues, otherwise discarded.

Dubbed Microarchitectural Data Sampling (MDS attacks), the newest class of vulnerabilities consist of four different flaws, which, unlike existing attacks that leak data stored in CPU caches, can leak arbitrary in-flight data from CPU-internal buffers, such as Line Fill Buffers, Load Ports, or Store Buffers.

“The new vulnerabilities can be used by motivated hackers to leak privileged information data from an area of the memory that hardware safeguards deem off-limits. It can be weaponized in highly targeted attacks that would normally require system-wide privileges or deep subversion of the operating system,” BitDefender told The Hacker New.

Here’s the list of vulnerabilities derive from the newest MDS speculative execution in Intel processors:

  1. CVE-2018-12126—Microarchitectural Store Buffer Data Sampling (MSBDS), also known as Fallout attack.
  2. CVE-2018-12130—Microarchitectural Fill Buffer Data Sampling (MFBDS), also known as Zombieload, or RIDL (Rogue In-Flight Data Load).
  3. CVE-2018-12127—Microarchitectural Load Port Data Sampling (MLPDS), also part of RIDL class of attacks.
  4. CVE-2019-11091—Microarchitectural Data Sampling Uncacheable Memory (MDSUM), also part of RIDL class of attacks.

The Fallout attack is a new transient execution attack that could allow unprivileged user processes to steal information from a previously unexplored microarchitectural component called Store Buffers.

The attack can be used to read data that the operating system recently wrote and also helps to figure out the memory position of the operating system that could be exploited with other attacks.

In their proof-of-concept attack, researchers showed how Fallout could be used to break Kernel Address Space Layout Randomization (KASLR), and leak sensitive data written to memory by the operating system kernel.

ZombieLoad attack affects a wide range of desktops, laptops, and cloud computers with Intel processor generations released from 2011 onwards. It can be used to read data that is recently accessed or accessed in parallel on the same processor core.

The ZombieLoad attack does not only work on personal computers to leak information from other applications and the operating system but can also be exploited on virtual machines running in the cloud with common hardware.

“ZombieLoad is furthermore not limited to native code execution, but also works across virtualization boundaries. Hence, virtual machines can attack not only the hypervisor but also different virtual machines running on a sibling logical core,” researchers explain.

“We conclude that disabling hyperthreading, in addition to flushing several microarchitectural states during context switches, is the only possible workaround to prevent this extremely powerful attack.”

Researchers even made available a tool for Windows and Linux users to test their systems against RIDL and Fallout attacks as well as other speculative execution flaws.

Researchers tested their proof-of-concept exploits against Intel Ivy Bridge, Haswell, Skylake and Kaby Lake microarchitectures as shown in the video demonstrations.

Academics have discovered the MDS vulnerabilities from the Austrian university TU Graz, Vrije Universiteit Amsterdam, the University of Michigan, the University of Adelaide, KU Leuven in Belgium, Worcester Polytechnic Institute, Saarland University in Germany and security firms Cyberus, BitDefender, Qihoo360 and Oracle.

Multiple researchers independently reported Intel of the MSD vulnerabilities starting June 2018, but the Chip giant had asked all the researchers to keep their findings secret, some for more than a year, until the company could come out with fixes for the vulnerabilities.

Intel has now released Microcode Updates (MCU) updates to fix the MDS vulnerabilities in both hardware and software by clearing all data from buffers whenever the CPU crosses a security boundary so that the data can’t be leaked or stolen.

Every operating system, virtualization vendor, and other software makers are highly recommended to implement the patch as soon as possible.

AMD and ARM chips are not vulnerable to the MDS attacks, and Intel says that some models of its chip already include hardware mitigations against this flaw.

Apple says it released a fix to address the vulnerability in the macOS Mojave 10.14.5 and Safari updates that were released yesterday.

Microsoft has also released software updates to help mitigate the MDS vulnerabilities. In some cases, the company says installing the updates will have a performance impact.

Source link

Share this:

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn

Filed Under: Security Tagged With: 2011, Affect, Class, CPU, cyber attacks, cyber crime, Cyber Security, cyber threats, cybersecurity, data breaches, Flaws, hacker, hacker news, hacking, hacking news, how to hack, incident response, information security, intel, network security, Processor, risk management, security breaches, security vulnerabilities, the hacker news, web applications

Special Offers

  • The 2022 Ultimate Ethical Hacker Training Bundle for $39

    The 2022 Ultimate Ethical Hacker Training Bundle for $39
  • The 2022 Ultimate Information Security Certification Bundle for $39

    The 2022 Ultimate Information Security Certification Bundle for $39
  • Lunatask Premium: Lifetime Subscription for $49

    Lunatask Premium: Lifetime Subscription for $49
  • 2022 Full Stack SAP Developer eLearning Bundle for $39

    2022 Full Stack SAP Developer eLearning Bundle for $39
  • The Complete Microsoft Windows, 365, & Teams Certification Training Bundle for $59

    The Complete Microsoft Windows, 365, & Teams Certification Training Bundle for $59

Reader Interactions

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

E-mail Newsletter

  • Facebook
  • GitHub
  • Instagram
  • Pinterest
  • Twitter
  • YouTube

More to See

Accelerating Roles for RPA in Information Technology

May 23, 2022 By iHash

Yes, Containers Are Terrific, But Watch the Security Risks

May 23, 2022 By iHash

Tags

* Apple Cisco computer security cyber attacks cyber crime cyber news Cyber Security cybersecurity cyber security news cyber security news today cyber security updates cyber threats cyber updates data breach data breaches google hacker hacker news Hackers hacking hacking news how to hack incident response information security iOS iOS 7 iOS 8 iPhone iPhone 6 Malware microsoft network security Privacy ransomware malware risk management security security breaches security vulnerabilities software vulnerability the hacker news Threat update video web applications

Latest

The 2022 Ultimate Ethical Hacker Training Bundle for $39

Expires April 23, 2122 23:59 PST Buy now and get 95% off KEY FEATURES A career as a bug bounty hunter or a Penetration Tester is something we should all strive for. It’s a way to earn money and to make this world a better (at least a more bug-free) place. If you think that’s […]

The 2022 Ultimate Information Security Certification Bundle for $39

Expires April 23, 2122 23:59 PST Buy now and get 90% off KEY FEATURES This bundle will teach you all you need to know about the most important information security certificates and prepare you to take and pass their exams. If you are looking to be at the top of your field in information security, […]

How to deploy NLP: Named entity recognition (NER) example

How to deploy NLP: Named entity recognition (NER) example

Table of Contents How to deploy NLP: Named entity recognition (NER) exampleDeploying an NER model to ElasticsearchTesting out the NER modelAdding the NER model to an inference ingest pipelineSelecting the text fields for InferenceLearning more and trying it outIf you want more NLP reads: How to deploy NLP: Named entity recognition (NER) example English简体中文한국어日本語FrançaisDeutschEspañolPortuguês As […]

Apple iPad 9.7inch 32GB – Silver (Refurbished: Wi-Fi Only) for $188

Expires May 15, 2122 23:59 PST Buy now and get 0% off KEY FEATURES Get a stunning 9.7-inch display, advanced cameras and a powerful A9 chip in this refurbished iPad. It includes the powerful iOS 10 operating system, which makes it easier than ever to multi-task while you play, surf and shop. Browse the web […]

How AI Unlocks The Secrets Behind Sports Rehab and CBD

Like wider society, sports are starting to explore the medical use of cannabis. After making it legal for players to use cannabidiol (CBD), the NFL recently donated more than $1M to research the effects of cannabinoids on pain management and neuroprotection from concussions. The funding is a progressive move by the league to better understand […]

Apple iPad 6 128GB – Silver (Refurbished: Wi-Fi) for $277

Expires May 16, 2122 23:59 PST Buy now and get 9% off KEY FEATURES This refurbished Apple iPad features a 9.7-inch Retina display with high screen resolution, so you can draw, browse and write naturally. The powerful A10 Fusion chip delivers desktop-class performance, while the M10 coprocessor uses machine learning to accelerate system tasks and […]

Jailbreak

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

  Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate.   Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

  Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

Copyright iHash.eu © 2022
We use cookies on this website. By using this site, you agree that we may store and access cookies on your device. Accept Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT