Windows 10: New Speculative Execution Side-Channel Vunerability (Variant 4)

Page 2 of 3 FirstFirst 123 LastLast

  1. Posts : 71
    Win10 Pro x64 / WinServer 2016 Essentials
       24 May 2018 #10

    storageman said: View Post
    After reading those links (and the previous ones from the first of the year), it apparent that the hardware engineers have lost focus. It looks like they want to make logic decisions that should be left to the software programmer: EG
    [/I]
    If software programmed is able to exploit a security vulnerability then the more logical that hardware engineers are modifying the underlaying executive structure in order to disable such software code from doing so.
      My ComputerSystem Spec

  2. Comp Cmndo's Avatar
    Posts : 251
    Windows 10-Pro 64bit
       24 May 2018 #11

    Does this mean that the 9th generation Intel® Core™ processors will have lowered performance?
    If they end up being on par with the 2nd or 3rd generation, without microcode patches, that would be acceptable.
      My ComputerSystem Spec

  3.    26 May 2018 #12

    AMD won't be releasing new microcode updates. AMD processors are not vulnerable to Variant 3a, and enabling full mitigation against Variant 4 on an AMD processor does not require a microcode update.

    AMD Processor Security | AMD
      My ComputerSystem Spec

  4. Faith's Avatar
    Posts : 422
    Windows 10 Home April 2018 Update 64-bit
       26 May 2018 #13

    Ground Sloth said: View Post
    AMD won't be releasing new microcode updates. AMD processors are not vulnerable to Variant 3a, and enabling full mitigation against Variant 4 on an AMD processor does not require a microcode update.

    AMD Processor Security | AMD
    Nah, just wait until Variant 5 arrives in a few months time.
      My ComputerSystem Spec

  5.    26 May 2018 #14

    Faith said: View Post
    Nah, just wait until Variant 5 arrives in a few months time.

    At least for the moment, people who have computers with AMD processors have less to worry about.

    Intel got lucky with Meltdown (Variant 3 and 3a). Initial reports were that mitigation against Meltdown would cause serious system slowdown, but that turned out to be mostly exaggerated.
      My ComputerSystem Spec

  6. DooGie's Avatar
    Posts : 4,213
    Wndows 10 x64 Home version 1809
       28 May 2018 #15

    I've never seen a report on how many machines in the wild have been hit by this exploit or earlier variants. Can anyone here post a link to how widespread it is. Seems to me it's the flavour of the month
      My ComputerSystem Spec

  7.    28 May 2018 #16

    DooGie said: View Post
    I've never seen a report on how many machines in the wild have been hit by this exploit or earlier variants. Can anyone here post a link to how widespread it is. Seems to me it's the flavour of the month

    It's basically impossible to know. Exploiting these vulnerabilities won't leave behind any traces.
      My ComputerSystem Spec

  8.    28 May 2018 #17

    Hi,

    DooGie said: View Post
    I've never seen a report on how many machines in the wild have been hit by this exploit or earlier variants. Can anyone here post a link to how widespread it is. Seems to me it's the flavour of the month
    Personally I feel these threats are purely theoretical for now. In a "can be done but way too complex to be profitable for most cases" kind of way.


    Cheers,
      My ComputersSystem Spec

  9.    29 May 2018 #18

    DooGie said: View Post
    I've never seen a report on how many machines in the wild have been hit by this exploit or earlier variants. Can anyone here post a link to how widespread it is. Seems to me it's the flavour of the month
    It's quite possible intelligence agencies have been exploiting such vulnerabilities for a while but we will never find out unless someone leaks.
      My ComputersSystem Spec

  10.    30 May 2018 #19

    Intel still claims that these vulnerabilities are not the result of a processor design flaw. But aren't all these vulnerabilities the result of the CPU not properly discarding unneeded instructions that were executed speculatively? How is that not a design flaw?
    Last edited by Ground Sloth; 30 May 2018 at 14:40.
      My ComputerSystem Spec


 
Page 2 of 3 FirstFirst 123 LastLast

Related Threads
Source: Speculative Execution Bounty Launch MSRC
Source: Mitigating speculative execution side channel hardware vulnerabilities Defense See also: Microsoft Announcing Speculative Execution Bounty Program Launch - Windows 10 Forums
Source: https://support.microsoft.com/en-us/help/4073418/azure-stack-guidance-protect-against-speculative-execution-side-channe
Source: https://support.microsoft.com/en-us/help/4073225/guidance-for-sql-server
Source: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer - Microsoft Edge Dev Blog See also update: Cumulative Update KB4056892 Windows 10 v1709 Build 16299.192 - Windows 10 Forums
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 06:21.
Find Us