Windows 10: Kernel memory leaking Intel processor design flaw

Page 13 of 14 FirstFirst ... 311121314 LastLast
  1. Polo6RGTI's Avatar
    Posts : 358
    Windows 10 Pro WS x64 17134.319
       07 Jan 2018 #120

    Check the status of the patches


    Microsoft released a set of Powershell one-liners that can be used to check if the updates installed properly.

    How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws

    https://www.powershellgallery.com/pa...ionControl/1.0


    Click image for larger version. 

Name:	Screenshot (74).png 
Views:	3 
Size:	41.9 KB 
ID:	171277
      My ComputersSystem Spec

  2. Cliff S's Avatar
    Posts : 21,250
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       07 Jan 2018 #121

    Layback Bear said: View Post
    Thank you John for this site.


    Intel CEO sold millions in stock after company was informed of vulnerability, before disclosure - MarketWatch

    You would think the SEC would be looking into such a thing.

    Jack

    Hey Jack, you'll like this one:
      My ComputersSystem Spec

  3.    07 Jan 2018 #122

    ASUS M4N68-M V2 and AMD Phenom II, NVIDIA nForce 630a chip-set and AMD CPU. Old stuff, but its my main desktop PC. SA-00086 says This system is not vulnerable. Just as well because there haven't been any BIOS updates for it in years. Already running the latest. Minimal drivers installed, only what Windows update offers. ASUS doesn't list anything for Windows 10 for my motherboard anyway. Graphics would be the only one I'd install manually, if I decided to start gaming on it again.
    Last edited by alphanumeric; 07 Jan 2018 at 07:13.
      My ComputerSystem Spec

  4.    07 Jan 2018 #123

    Meltdown & Spectre Updates Benchmarked, Big Slow Down for SSDs!

      My ComputerSystem Spec

  5.    07 Jan 2018 #124

    Sounds like they found a back door that's been there for a long time.
      My ComputerSystem Spec

  6.    07 Jan 2018 #125

    Polo6RGTI said: View Post
    Microsoft released a set of Powershell one-liners that can be used to check if the updates installed properly.

    How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws

    https://www.powershellgallery.com/pa...ionControl/1.0


    Click image for larger version. 

Name:	Screenshot (74).png 
Views:	3 
Size:	41.9 KB 
ID:	171277
    Very useful information. In the link there is a Googledoc that lists anti virus vendor response: CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754 (Meltdown and Spectre) Windows antivirus patch compatibility
      My ComputerSystem Spec

  7. johngalt's Avatar
    Posts : 1,534
    WinX Pro x64 IP current
       07 Jan 2018 #126

    Layback Bear said: View Post
    Thank you John for this site.


    Intel CEO sold millions in stock after company was informed of vulnerability, before disclosure - MarketWatch

    You would think the SEC would be looking into such a thing.

    Jack

    Yeah, I believe that there will be a major investigation -especially since one of the class-action lawsuits against Intel for the exploits is by shareholders....

    Ground Sloth said: View Post
    What would happen if speculative execution was disabled completely on an Intel Core processor? Could the processor still function?
    Yes, that has been proven - but that is also where the performance hit comes in.

    Kol12 said: View Post
    Will older motherboards and CPU's receive bios updates?
    Depends upon the manufacturer, but in general, I think most of them will take the low road by saying "No, we're not gonna patch it - buy a new one instead!"

    FerchogtX said: View Post
    Well, after reading all those articles I'm finding relief, because I will have no performance impact if I decide to install the patch...
    My years of being loyal to AMD payed off, finally!

    Still I feel bad for Intel users, I'm sure there must be a way to fix this without performance loss, they deserve it after all the money they invested in an Intel CPU...

    By the other hand, what does AV software manufacturers have to say in this matter? I don't want to install a patch that will cause me a BSOD just because the kernel integration of the AV suck...
    AV software has nothing much to say about it, other than loosening their hooks into the kernel so that the successive patches from Microsoft can be installed.

    As for being a supporter of AMD - uhh, might want to look at this first: Security hole in AMD CPUs' hidden secure processor code revealed ahead of patches • The Register

    Although, I am a bit confused as the one researcher claims it is a remote execute flaw but OTOH it requires direct access to hardware....

    And mind you, this has nothing to do with Meltdown nor Spectre - and no one currently is immune to Spectre.

    Cliff S said: View Post
    Hey Jack, you'll like this one:
    That is about perfect. ARM is the only one who decided to play nice and say "Hey, it's tout there, it's been proven, and now we're gonna do what we can to fix it.

    alphanumeric said: View Post
    ASUS M4N68-M V2 and AMD Phenom II, NVIDIA nForce 630a chip-set and AMD CPU. Old stuff, but its my main desktop PC. SA-00086 says This system is not vulnerable. Just as well because there haven't been any BIOS updates for it in years. Already running the latest. Minimal drivers installed, only what Windows update offers. ASUS doesn't list anything for Windows 10 for my motherboard anyway. Graphics would be the only one I'd install manually, if I decided to start gaming on it again.
    Haven't looked myself, but I do know that drivers written for Window s8.1 will usually work on Windows 10 as well. Some drivers for Win 7/8 will also work on 10, but normally you cannot use an installer designed for Win7/8 on 10, you need to extract the drivers and import them in WinX yourself (I used to do this a lot with the Motorola USB drivers for Windows, as the driver package was written for Win7, worked on Win8, but tanked on Win8.1/X. I simply extracted the drivers themselves, in the form of the final .MSI packages from the executable, and then extracted the .MSI packages for the inf and cat files and manually installed the drivers in the early days of WinX to get my Motorola (Google) Nexus 6 to be recognized by WinX.

    HTH

    Peter Gibbons said: View Post
    Sounds like they found a back door that's been there for a long time.
    Actually, no. It's not a backdoor in the traditional sense, because those are things that are created by design to be used (and can get abused).

    This is an exploit - no different, really, than VB code that makes use of DLLs to which you can send malformed code to create a buffer overrun of some sort, in some manner.

    What these exploits are not is a backdoor to open your system to allow someone else to garner complete control.

    What these exploits are is pretty simple - they've found a weakness in the secure execution areas to be able to send a malformed packet of information to he CPU that causes the CPU execution to halt, without clearing out the secure information in the secure registers, which can then be dumped by other code and then done whatever with that needs to be done.

    I cannot really come up with a layman's analogy here at the moment, but let me think about it and I am sure I can come up with something.
      My ComputersSystem Spec


  8. Posts : 37,567
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       07 Jan 2018 #127

    A side door.

    Give a thief any hole, including a skylight and they'll get in. In fact, as a retired contractor I'll make a hole if I wanted to.

    An old adage in the trades is that locks are for honest people.
      My ComputersSystem Spec

  9.    07 Jan 2018 #128

    @johngalt. Drivers aren't an issue for me. The Windows Update supplied drivers are more current than any of the ones I could find on the ASUS site for my motherboard. Everything works the way its supposed to so no problem. I can get Windows 10 drivers for my NVidia card from NVidia. I haven't bothered because my triple monitor setup works just fine with the Windows update supplied drivers. The few games I play work just fine too.

    In the early days of Windows 8 I did what you suggested, and tried the Windows 7 etc drivers. Mixed results if I remember correctly.
      My ComputerSystem Spec

  10. johngalt's Avatar
    Posts : 1,534
    WinX Pro x64 IP current
       07 Jan 2018 #129

    Tony K said: View Post
    A side door.

    Give a thief any hole, including a skylight and they'll get in. In fact, as a retired contractor I'll make a hole if I wanted to.

    An old adage in the trades is that locks are for honest people.
    Nah, not really. door of any kind implies the opening was there to be used for some purpose. This is not an opening, but a disruption of services.

    It's almost like a pipeline flow steal - you get the pipeline to start flowing your commodity, and then send a false packet to the control house to abruptly cut off he flow without actually draining the pipeline. Then you hack the pipeline and drain the commodity off for yourself. Only the commodity is digital and can be refilled into the pipeline endlessly, and in this case the commodity is (are) your secure credentials, etc. used to access everything you intend to keep secure.

    So, in effect, with badly (nefariously) coded software you trigger an emergency cut off on your side, but the data is still in the pipeline and can be fore dumped because it never was erased because of the way that memory-isolation was designed to work.

    in fact, from the Meltdonw PDF I linked to earlier, the introduction explains it a lot better than I currently am, so here it is:

    One of the central security features of today’s operating systems is memory isolation. Operating systems ensure that user applications cannot access each other’s memories and prevent user applications from reading or writing kernel memory. This isolation is a cornerstone of our computing environments and allows running multiple applications on personal devices or executing processes of multiple users on a single machine in the cloud.
    In this work, we present Meltdown[1]. Meltdown is a novel attack that allows overcoming memory isolation completely by providing a simple way for any user process to read the entire kernel memory of the machine it executes on, including all physical memory mapped in the kernel region. Meltdown does not exploit any software vulnerability, i.e., it works on all major operating systems. Instead, Meltdown exploits side-channel information available on most modern processors, e.g., modern Intel microarchitectures since 2010 and potentially on other CPUs of other vendors.

    While side-channel attacks typically require very specific knowledge about the target application and are tailored to only leak information about its secrets, Meltdown allows an adversary who can run code on the vulnerable processor to obtain a dump of the entire kernel address space, including any mapped physical memory. The root cause of the simplicity and strength of Meltdown are side effects caused by out-of-order execution.

    Out-of-order execution is an important performance feature of today’s processors in order to overcome latencies of busy execution units, e.g., a memory fetch unit needs to wait for data arrival from memory. Instead of stalling the execution, modern processors run operations out-of-order i.e., they look ahead and schedule subsequent operations to idle execution units of the processor. However, such operations often have unwanted sideeffects, e.g., timing differences [28, 35, 11] can leak information from both sequential and out-of-order execution.

    From a security perspective, one observation is particularly significant: Out-of-order; vulnerable CPUs allow an unprivileged process to load data from a privileged (kernel or physical) address into a temporary CPU register. Moreover, the CPU even performs further computations based on this register value, e.g., access to an array based on the register value. The processor ensures correct program execution, by simply discarding the results of the memory lookups (e.g., the modified register states), if it turns out that an instruction should not have been executed. Hence, on the architectural level (e.g., the abstract definition of how the processor should perform computations), no security problem arises.

    However, we observed that out-of-order memory lookups influence the cache, which in turn can be detected through the cache side channel. As a result, an attacker can dump the entire kernel memory by reading privileged memory in an out-of-order execution stream, and transmit the data from this elusive state via a microarchitectural covert channel (e.g., Flush+Reload) to the outside world. On the receiving end of the covert channel, the register value is reconstructed. Hence, on the microarchitectural level (e.g., the actual hardware implementation), there is an exploitable security problem.
    So, in effect, you're making your own door into what was previously thought of as a secure underground bank vault.

    alphanumeric said: View Post
    @johngalt. Drivers aren't an issue for me. The Windows Update supplied drivers are more current than any of the ones I could find on the ASUS site for my motherboard. Everything works the way its supposed to so no problem. I can get Windows 10 drivers for my NVidia card from NVidia. I haven't bothered because my triple monitor setup works just fine with the Windows update supplied drivers. The few games I play work just fine too.

    In the early days of Windows 8 I did what you suggested, and tried the Windows 7 etc drivers. Mixed results if I remember correctly.
    OK, just making sure. I've also recently started using Snappy Driver Installer to install drivers for items that I have no applicable drivers for, (namely my Marvell 91xx chip that controls my SATA III ports, as the stock Micro$oft driver is the worst - improved game FPS around 7 fps on average, since both of my SSDs are on those 2 SATA III ports).
      My ComputersSystem Spec


 
Page 13 of 14 FirstFirst ... 311121314 LastLast

Related Threads
Looks like us Intel users are getting a free downgrade soon :( A Huge Intel Security Hole Could Slow Down Your PC Soon I’m pretty ticked about this one.
Read more: Intel Unveils Full Intel Core-X-series Processor Family Specs; 14- to 18-Core Processors Available Starting in September
Intel® Core™2 Duo processor T6670 in Installation and Upgrade
I am trying to Upgrade my Protege M750 with Intel® C™2 Duo processor T6670. The Upgrade starts but after while I got message Processor not supported. Any explanention why it is happened as even older processors are supported
Hello, I'm running a 64 bit Windows 10 laptop. On idle, the System process is showing a high memory usage of more than 150 MB, usually more than 200 MB. Using poolmon the pooltag SpDN showed up with a memory leak. It leads to the Intel Matrix...
edge leaking memory in Browsers and Email
Build 10240 on the pro 3, this keeps happening then fan kicks in and goes crazy, cant be right?!!!
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 08:47.
Find Us