Kernel memory leaking Intel processor design flaw

Page 14 of 14 FirstFirst ... 4121314

  1. Posts : 343
    Windows 10 x64 Pro 21H2
       #130

    johngalt said:
    AV software has nothing much to say about it, other than loosening their hooks into the kernel so that the successive patches from Microsoft can be installed.

    As for being a supporter of AMD - uhh, might want to look at this first: Security hole in AMD CPUs' hidden secure processor code revealed ahead of patches • The Register

    Although, I am a bit confused as the one researcher claims it is a remote execute flaw but OTOH it requires direct access to hardware....

    And mind you, this has nothing to do with Meltdown nor Spectre - and no one currently is immune to Spectre.
    Well... in short, just a little hole that is patched through an update in the PSP plattform, and even there, you need local access...
    This makes me feel more happy even XD.

    Nah seriously... this batch of vulnerabilities is becoming a little more suspicious lately...
      My Computers


  2. Posts : 2,663
    Windows 11 21H2 (22000.593)
       #131

    FerchogtX said:
    Well... in short, just a little hole that is patched through an update in the PSP plattform, and even there, you need local access...
    This makes me feel more happy even XD.

    Nah seriously... this batch of vulnerabilities is becoming a little more suspicious lately...
    Actually, our security researchers are getting better at finding vulnerabilities where there were previously thought to be none.

    And that means better products down the road - because security is finally getting the recognition that it deserves and warrants.
      My Computers


  3. Posts : 5,833
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       #132

    johngalt said:
    Nah, not really. door of any kind implies the opening was there to be used for some purpose. This is not an opening, but a disruption of services.

    It's almost like a pipeline flow steal - you get the pipeline to start flowing your commodity, and then send a false packet to the control house to abruptly cut off he flow without actually draining the pipeline. Then you hack the pipeline and drain the commodity off for yourself. Only the commodity is digital and can be refilled into the pipeline endlessly, and in this case the commodity is (are) your secure credentials, etc. used to access everything you intend to keep secure.

    So, in effect, with badly (nefariously) coded software you trigger an emergency cut off on your side, but the data is still in the pipeline and can be fore dumped because it never was erased because of the way that memory-isolation was designed to work.

    in fact, from the Meltdonw PDF I linked to earlier, the introduction explains it a lot better than I currently am, so here it is:
    Yes, I read that PDF after you posted it. You explained it just fine. What was assuring in the PDF for now is "While side-channel attacks typically require very specific knowledge about the target application and are tailored to only leak information about its secrets..."

    To me this gives those in the industry some time to completely patch it, otherwise there's going to be a lot of data oil leaked.
      My Computers


  4. Posts : 2,663
    Windows 11 21H2 (22000.593)
       #133

    Tony K said:
    Yes, I read that PDF after you posted it. You explained it just fine. What was assuring in the PDF for now is "While side-channel attacks typically require very specific knowledge about the target application and are tailored to only leak information about its secrets..."

    To me this gives those in the industry some time to completely patch it, otherwise there's going to be a lot of data oil leaked.
    Exactly!

    And that is the very reason I am not holding it against Intel for not coming out and revealing the bug - not because of bad publicity, but because it gave OEMS and Software Devs the time they needed to develop patches to mitigate the vulnerability to the exploits as much as possible. In fact, I am applauding them and the other chipmakers for banding together and fixing it.

    It basically comes down to this (stolen from a Google marketing guy via Twitter:

    Kernel memory leaking Intel processor design flaw-dsymedrvqaajate.jpg_large.jpeg

    Stolen from here: Avinash Kaushik on Twitter:
      My Computers


  5. Posts : 5,833
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       #134

    johngalt said:
    Exactly!

    And that is the very reason I am not holding it against Intel for not coming out and revealing the bug - not because of bad publicity, but because it gave OEMS and Software Devs the time they needed to develop patches to mitigate the vulnerability to the exploits as much as possible. In fact, I am applauding them and the other chipmakers for banding together and fixing it.

    It basically comes down to this (stolen from a Google marketing guy via Twitter:
    So now I'm beginning to see it was some ambitious peon reporter that leaked the story too soon. How irresponsible.
      My Computers


  6. Posts : 853
    Windows 10 Pro 21H1 build 19043.1706
       #135

    Very irresponsible, waiting a few more days until the planned date wouldn't have made any difference, other than a certain tabloid type website couldn't post their "exclusive scoop".
      My Computers


  7. VBF
    Posts : 593
    Win 10 Pro
       #136

    clam1952 said:
    Very irresponsible, waiting a few more days until the planned date wouldn't have made any difference, other than a certain tabloid type website couldn't post their "exclusive scoop".
    Ummm. I think some of us "Registered" that early on........allegedly, of course
      My Computers


  8. Posts : 49
    win10 home 64 bit
       #137

    VBF said:
    Ummm. I think some of us "Registered" that early on........allegedly, of course
    but did you inquire much about it?
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 20:01.
Find Us




Windows 10 Forums