Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

It didn't suffer from any breach because the issue was only found recently. Once the patches are pushed they'll publish the full details on the flaw then any unpatched machine will easily be exploited.

Also given the nature of distributed attacks, unpatched machines can be weaponized against users that have the patch in place.

 

So apparently i misunderstood the VM part that means Virtual Memory instead of Virtual Machines, my bad! Thanks for the clarification.

So basically Intel f**** up big time!!! I can´t imagine how server managers are feeling right now with this problems arising...

Personally i´m not happy with Intel´s problems happening in the last years regarding their CPUs and AMD is looking more appealing by the second...

 

That is not how exploits like this work. Now that this is very common knowledge there will be a scramble in malware community to code exploits for it.

On top of that an exploit can give all kinds of access including the ability to install software without permission. Creating a botnet this way would allow an attacker to weaponize your computer if you are not patched.

This is like parents refusing to vaccinate their kids thinking that only their kids are affected. This is a very short sighted way to look at a very serious problem. The fewer PCs that are patched the bigger the problem grows.

It will be interesting to see if older operating systems get patched. If there is an XP patch for this you can assume that this exploit is about as bad as it gets.

 

All true, but the power of exploits are bigger than it seems for wide audience. Exploit in laboratory is one thing, and exploit in real life is another thing.

And again if OS kernel needs to get security patch for CPU flaw then OS kernel is designed wrong.

 

Its not the OS Kernel's fault.
Its that the problem can't be solved via a Hardware fix, so the only solution is to software fix.

 

A vulnerability is a vulnerability, and absolutely needs to be patched. In particular, this is a hardware bug and affects a decade of CPUs so malware creators will quickly be jumping all over it, as it affects the vast majority of PC systems. This is a very serious bug, and you should never be willing to sacrifice security for performance.

 

Patch coming on MS Patch Tuesday next week, but will you be able to get it seperately ?, as i can't get Windows updates anymore, and is it really needed, if all you use your rig for is gaming, and t'internet ?

 

The kernel needs to be designed the way the CPU expects it to. The CPU offers kernel mode and virtual memory, and that's what the kernel needs to utilize. It cannot use anything else, because there IS nothing else. This is how it works.

That's like saying that if a car has a malfunctioning wheel, and you crash because of it, it's the driver's fault. Well, guess what. There isn't any other way to drive a car than to use the wheel. All you can do to fix it, is work around the wheel malfunction (like driving slower and use more force to turn the wheel, or whatever.) The wheel itself cannot be fixed in this case.

 

Logic is simple: if this security threat can be fixed by patch for OS kernel then it means OS kernel permits to implement the threat. If such access from user space to kernel space was not possible at all then no CPU flaws could introduce a threat. When MS and Linux teams wrote kernels they did some compromise toward performance (because absolute protection usually perceived as an enemy of performance).

 

I mean is any patch "really needed" ? Like your PC will still work without it.. but the details we have so far is that it's an extremely critical vulnerability, so you can bet that there will be tons of malware that exploits it. The malware devs know that there will be tons of unpatched systems out there.

 

I would hope a patch would be provided to all those possibly affected by this. The consumer is in no way at fault here, and whatever OS or CPU etc.... should make no difference. A patch needs to be available to all.

 

I was sure you know that CPUs offer a facilities, and OS kernel teams can utilize them with some variety. For example, how address space is designed - kernel attribute not CPU, since CPU only offers mechanics for isolation, virtual-to-physical translation etc.

 

Best get patched then.

Yeah true.

 

Do you know what the kernel of an OS does? It's not about compromises, it's about abstraction. If there will be OS kernel patches it's because the hardware has a serious fail in the design that cannot in anyway be patched by the producer (Intel).

 

Usually cumulative updates are available to download through windows update catalogue.
You can check for news and links here
https://support.microsoft.com/en-us/help/4018124/windows-10-update-history

 

The patch is a workaround. The fault lies with the hardware, not the software (let's not shift the blame here - Intel is the one that is responsible for this).

 

Yes I do.
You can stop wasting your time trying to convince me on something.

 

Im on Win 7 still

 

The CPU guarantees that the memory wasn't accessible. That guarantee was broken. There's nothing wrong with the OS when it utilizes that guarantee. It's why that guarantee is there to begin with.

With that thinking, the OS should not allow the use of GPUs. They could have bugs. Thus, an OS that allows use of GPUs is broken.