New Speculative Execution Side-Channel Vunerability (Variant 4)
-
After reading those links (and the previous ones from the first of the year), it apparent that the hardware engineers have lost focus. It looks like they want to make logic decisions that should be left to the software programmer: EG
[/I]
If software programmed is able to exploit a security vulnerability then the more logical that hardware engineers are modifying the underlaying executive structure in order to disable such software code from doing so.
-
-
Does this mean that the 9th generation Intel® Core™ processors will have lowered performance?
If they end up being on par with the 2nd or 3rd generation, without microcode patches, that would be acceptable.
-
AMD won't be releasing new microcode updates. AMD processors are not vulnerable to Variant 3a, and enabling full mitigation against Variant 4 on an AMD processor does not require a microcode update.
AMD Processor Security | AMD
-
AMD won't be releasing new microcode updates. AMD processors are not vulnerable to Variant 3a, and enabling full mitigation against Variant 4 on an AMD processor does not require a microcode update.
AMD Processor Security | AMD
Nah, just wait until Variant 5 arrives in a few months time.
-
-
Nah, just wait until Variant 5 arrives in a few months time.
At least for the moment, people who have computers with AMD processors have less to worry about.
Intel got lucky with Meltdown (Variant 3 and 3a). Initial reports were that mitigation against Meltdown would cause serious system slowdown, but that turned out to be mostly exaggerated.
-
I've never seen a report on how many machines in the wild have been hit by this exploit or earlier variants. Can anyone here post a link to how widespread it is. Seems to me it's the flavour of the month
-
I've never seen a report on how many machines in the wild have been hit by this exploit or earlier variants. Can anyone here post a link to how widespread it is. Seems to me it's the flavour of the month
It's basically impossible to know. Exploiting these vulnerabilities won't leave behind any traces.
-
Hi,
I've never seen a report on how many machines in the wild have been hit by this exploit or earlier variants. Can anyone here post a link to how widespread it is. Seems to me it's the flavour of the month
Personally I feel these threats are purely theoretical for now. In a "can be done but way too complex to be profitable for most cases" kind of way.
Cheers,
-
I've never seen a report on how many machines in the wild have been hit by this exploit or earlier variants. Can anyone here post a link to how widespread it is. Seems to me it's the flavour of the month
It's quite possible intelligence agencies have been exploiting such vulnerabilities for a while but we will never find out unless someone leaks.
-
-
Intel still claims that these vulnerabilities are not the result of a processor design flaw. But aren't all these vulnerabilities the result of the CPU not properly discarding unneeded instructions that were executed speculatively? How is that not a design flaw?
Last edited by Ground Sloth; 30 May 2018 at 14:40.