Windows 10: Windows Client Guidance against speculative execution vulnerabilities

Page 8 of 48 FirstFirst ... 67891018 ... LastLast

  1. Posts : 38,043
    Dual boot Windows 10 FCU Pro x 64 & current Insider 10 Pro
       06 Jan 2018 #71

    clam1952 said: View Post
    Makes one wonder just what other flaws are likely to be discovered or if any processor has ever actually been secure or with the rate these "security" experts are discovering flaws, ever will be.
    Not a perfect world, but yes, it makes one wonder.

    Cliff S said: View Post
    Nobody would have known about this(not even the black hats) and it have been fixed eventually and quietly with some updates in the effected OS's and still supported hardware BIOS, and no one would have been the wiser, not even the bad guys.

    But for some dumba** Linux kernel developer that tagged his code with a #comment, and being open source it was quickly seen by someone else and that dumba** told the media
    I agree, but the rat comes out of the hole eventually. It's like picking between the better of two evils. In the end it's better that it was caught before the bad guys found it. Thing is they should've kept it secret long enough to create a total fix first, if at all. None would've been the wiser. Now we have a period of time that the bad guys can exploit it. I may rant and rave that I may have to buy new hardware, but that's what concerns me most every time I boot a machine.

    Steve C said: View Post
    I suggest no processor is provably secure or error free - discuss.
    Like I said, it's not a perfect world, but how long has the chip architecture and processing code been written? Years ago, yes? You'd think out of all the educated in that field that someone would have caught this years ago. SFAIK Murphy's law, a legitimate rule, is taught in most engineering schools. Perhaps not in hardware and/or software engineering?
      My ComputersSystem Spec


  2. Posts : 18,923
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       07 Jan 2018 #72

    From the Intel White Paper PDF: Intel Analysis of Speculative Execution Side Channels

    Related Intel Security Featuresand Technologies

    There are security features and technologies, either present in existing Intel products or planned for
    future products, which reduce the effectiveness of the attacks mentioned in the previous sections.


    4.1 Intel® OS Guard
    When Intel® OS Guard, also known as Supervisor-Mode Execution Prevention (SMEP), is enabled, the
    operating system will not be allowed to directly execute application code, even speculatively. This
    makes branch target injection attacks on the OS substantially more difficult by forcing the attacker to
    find gadgets within the OS code. It is also more difficult for an application to train OS code to jump to
    an OS gadget. All major operating systems enable SMEP support by default.

    4.2 Execute Disable Bit
    The Execute Disable Bit is a hardware-based security feature that can help reduce system exposure to
    viruses and malicious code. Execute Disable Bit allows the processor to classify areas in memory
    where application code can or cannot execute, even speculatively. This reduces the gadget space,
    increasing the difficulty of branch target injection attacks. All major operating systems enable Execute
    Disable Bit support by default.

    4.3 Control flow Enforcement Technology (CET)
    On future Intel processors, Control flow Enforcement Technology will allow limiting near indirect jump
    and call instructions to only target ENDBRANCH instructions. This feature can reduce the speculation
    allowed to non-ENDBRANCH instructions. This greatly reduces the gadget space, increasing the
    difficulty of branch target injection attacks.
    For additional information on CET, see the Control-flow Enforcement Technology Preview located here:
    https://software.intel.com/sites/def...gy-preview.pdf
    4.4 Protection Keys
    On future Intel processors that have both hardware support for mitigating Rogue Data Cache Load and
    protection keys support, protection keys can limit the data accessible to a piece of software. This can
    be used to limit the memory addresses that could be revealed by a branch target injection or bound
    check bypass attack.
    7 Document Number: 336983-001, Revision 1.0

    4.5 Supervisor-Mode Access Prevention (SMAP)
    Supervisor-Mode Access Prevention (SMAP) can be used to limit which memory addresses can be used
    for a cache based side channel, forcing an application attacking the kernel to use kernel memory
    space for the side channel. This makes it more difficult for an application to perform the attack on the
    kernel as it is more challenging for an application to determine whether a kernel line is cached than an
    application line.
    https://newsroom.intel.com/wp-conten...e-Channels.pdf
      My ComputersSystem Spec

  3.    07 Jan 2018 #73

    What about VMs, can it penetrate that ?
      My ComputersSystem Spec

  4.    07 Jan 2018 #74

    Hi,

    What about VMs, can it penetrate that ?
    Yes, it can.

    Cheers,
      My ComputersSystem Spec

  5.    07 Jan 2018 #75

    For all the ASUS motherboard owners, Asus has released a list of the updated bios versions that will be released to fix this issue, in some cases, some of these bios updates have NOT been released yet. Link below.
    ASUS Global
      My ComputersSystem Spec


  6. Posts : 18,923
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       07 Jan 2018 #76

    OldMike65 said: View Post
    For all the ASUS motherboard owners, Asus has released a list of the updated bios versions that will be released to fix this issue, in some cases, some of these bios updates have NOT been released yet. Link below.
    ASUS Global
    For the Maximus X Series boards, it was released(uploaded ) already on the 3rd of January, they were fast!
      My ComputersSystem Spec

  7.    07 Jan 2018 #77

    Cliff S said: View Post
    For the Maximus X Series boards, it was released(uploaded ) already on the 3rd of January, they were fast!
    Yes Asus released all of their Intel 370's boards already. All the others have not been released as of yet.
      My ComputersSystem Spec

  8.    07 Jan 2018 #78

    This is what I get. ASUS M4N68-M V2 and AMD Phenom II, NVIDIA nForce 630a chip-set and AMD CPU. Old stuff, but its my main desktop PC. SA-00086 says This system is not vulnerable. Not so good results with the Power Shell commands though. There haven't been any BIOS updates for it in years. Already running the latest dated 2012/01/18. Will have to reboot to double check, pretty sure I'm running the latest though.

    Click image for larger version. 

Name:	Power Shell Capture.PNG 
Views:	3 
Size:	54.6 KB 
ID:	171302
      My ComputerSystem Spec

  9.    07 Jan 2018 #79

    Looks like I wasn't running the latest BIOS, just flashed to the latest but it didn't change anything as far as I can tell, still recommends getting a newer BIOS. Not sure what to do now?
    Click image for larger version. 

Name:	Power Shell 2 Capture.PNG 
Views:	4 
Size:	46.2 KB 
ID:	171310
      My ComputerSystem Spec

  10.    07 Jan 2018 #80

    SA-00086 is for the Intel management Engine flaw from last autumn / fall and is nothing to do with the current Spectre Meltdown flaws which is what you are checking with the Powershell scripts. Two separate issues, AMD is not affected by the Intel management flaw so does not require that fix, only applicable for Intel systems.

    The forthcoming hardware patches so far are for Intel processors only.
    For AMD the only "fix" at this point is the one included in the latest Windows update. As far as I'm aware AMD are not releasing any hardware patches yet and possibly do not need to? jury appears to be out on that at present.
      My ComputersSystem Spec


 
Page 8 of 48 FirstFirst ... 67891018 ... LastLast

Related Threads
The PowerShell script execution policies enables you to determine which Windows PowerShell scripts (if any) will be allowed to run on your computer. Windows PowerShell has four different execution policies: Execution Policy Description ...
Source: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer - Microsoft Edge Dev Blog See also update: Cumulative Update KB4056892 Windows 10 v1709 Build 16299.192 - Windows 10 Forums
Source: Google Online Security Blog: Disclosing vulnerabilities to protect users
Windows 10 - Need some guidance on recovery in Installation and Upgrade
One of my spare Windows 10 machines is on life support. I must have clobbered it somehow when I was tweaking the multiple display settings ( to incorporate a HDMI projector). It actually worked fine all week, but today, when I tired to set it...
Read more: http://www.zdnet.com/article/microsoft-offers-it-guidance-to-prepare-for-windows-as-a-service/
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 15:22.
Find Us