Jump to content
apianti

Intel CPU hardware vulnerability

83 posts in this topic

Recommended Posts

Posted (edited)

If you updated your firmware because it included a microcode update, then that microcode update is applied to everything. The microcode update can only be updated to a higher version after that. So in order for the update to not be used/protecting you, you would need to downgrade your firmware again. However, linux and windows frequently have microcode updates in the OS, I do not know if macOS does this, I'm pretty sure that they are all firmware updates. This doesn't really matter though since your microcode update is persistent because it is applied at boot before anything else could possibly modify it, save an attack on a vulnerability but that's another thing all together and very unlikely you will ever have to worry, let alone think about that.

EDIT: Double posted on accident, removed duplicate.

Edited by apianti

Share this post


Link to post
Share on other sites
Advertisement

OK, so I should be protected also on macOS now? As I have dual BIOS (currently one patched and one unpatched) it would relatively easy for me to switch back, and if only for testing purposes. I was just curious if the patch is actually also effective on macOS, but if I understand you correctly, this should be the case.

Share this post


Link to post
Share on other sites
5 minutes ago, frankiee said:

OK, so I should be protected also on macOS now? As I have dual BIOS (currently one patched and one unpatched) it would relatively easy for me to switch back, and if only for testing purposes. I was just curious if the patch is actually also effective on macOS, but if I understand you correctly, this should be the case.

You do understand and are protected.

Share this post


Link to post
Share on other sites

By the way,

There's UBU Bios updater, that update CPU Microcode and OROM's for AMI bioses, this is useful for anyone that don't have bios updated since the CPU's vulnerability from Manufacturers website!

And i guess that we still need "Microcode Bios Updated + OS Updated" to be relatively protected

Share this post


Link to post
Share on other sites

Hey Riley how are you ^_^,

I don't think that it will be a BIOS update by the manufacturers, unless a release for OEM machines

Share this post


Link to post
Share on other sites
On 1/3/2018 at 5:38 PM, apianti said:

 

Yes. It is a vulnerability in Intel CPUs themselves. I've found other sources that have said almost every Intel CPU in the past 12 years has this vulnerability - across families and models. Although some newer generations have models that have a feature, PCID (Process-Context IDentifiers), that unintentionally mitigates this is partially so it won't take as much of a performance hit but still affected.

A new serious side-channel vulnerability has been discovered in Intel CPUs by a team of security researchers. The flaw could enable malicious actors to access processes that are running in the same CPU core with simultaneous multithreading technology and steal sensitive information, such as passwords or cryptographic keys. PortSmash vulnerability tracked as CVE-2018-5407

 

Share this post


Link to post
Share on other sites

Yeah, I saw that about a month ago. There was also an expansion of the Spectre and Meltdown vulnerabilities as well about a week later. This actually confirmed that almost every CPU made since 1995 has these vulnerabilities.

An article giving the rundown: https://www.zdnet.com/article/researchers-discover-seven-new-meltdown-and-spectre-attacks/

The actual research paper: https://arxiv.org/pdf/1811.05441.pdf

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×