Intel processors Vulnerable to New BranchScope Attack

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Mar 28, 2018.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Messages:
    38,966
    Likes Received:
    7,640
    GPU:
    AMD | NVIDIA
    Silva likes this.
  2. Kaarme

    Kaarme Ancient Guru

    Messages:
    2,038
    Likes Received:
    700
    GPU:
    Sapphire 390
    How is it possible for Intel to have been working on this with the researchers? I thought the modern modus operandi is to reveal the flaw to the hardware manufacturer 24 hours before making it public? How much research can you do in 24 hours, huh?
     
    HitokiriX, xIcarus, Silva and 2 others like this.
  3. insp1re2600

    insp1re2600 Maha Guru

    Messages:
    1,230
    Likes Received:
    459
    GPU:
    RTX 2080TI OC H20
    more crippling microcode due then?
     
    321Boom and Silva like this.
  4. Noisiv

    Noisiv Ancient Guru

    Messages:
    7,133
    Likes Received:
    774
    GPU:
    2070 Super
    I hope not.

    We have been working with these researchers and we have determined the method they describe is similar to previously known side channel exploits.
    We anticipate that existing software mitigations for previously known side channel exploits, such as the use of side channel resistant cryptography, will be similarly effective against the method described in this paper

    Sounds like the Spectre/Meldown updates should be enough to protect against this new exploit.
     
    airbud7 and Dragondale13 like this.

  5. insp1re2600

    insp1re2600 Maha Guru

    Messages:
    1,230
    Likes Received:
    459
    GPU:
    RTX 2080TI OC H20
    Same here, id have to chuck towel in with my 3770k if so lol.
     
  6. Angantyr

    Angantyr Master Guru

    Messages:
    755
    Likes Received:
    219
    GPU:
    MSI 2070 Super X
    Wonderful... So Meltdown and Spectre exploited Branch Target Buffer (BTB) and now, BranchScope is the exploit of the CPU pattern history table (PHT).

    Guess more microcode is inc....This is tiresome.
     
  7. jaggerwild

    jaggerwild Master Guru

    Messages:
    783
    Likes Received:
    280
    GPU:
    EVGA RTX 2070 SUP
    "The attacker needs to have access to the targeted system and they must be able to execute arbitrary code". Isn't that the same access as the AMD fake issue's? Access means I can do any number of things? Or am I missing something here?
     
    INSTG8R likes this.
  8. mbk1969

    mbk1969 Ancient Guru

    Messages:
    9,677
    Likes Received:
    6,573
    GPU:
    GF RTX 2070 Super
    * yawn *
    boring...
     
    airbud7 and Dragondale13 like this.
  9. Dragondale13

    Dragondale13 Maha Guru

    Messages:
    1,453
    Likes Received:
    142
    GPU:
    GTX 1070 AMP! • H75
    So with you on this one.
     
  10. schmidtbag

    schmidtbag Ancient Guru

    Messages:
    5,283
    Likes Received:
    1,877
    GPU:
    HIS R9 290
    Seems like yet another thing to not worry about - too difficult to exploit.
     

  11. TieSKey

    TieSKey Member Guru

    Messages:
    168
    Likes Received:
    54
    GPU:
    Gtx870m 3Gb
    I haven't read the original docs but from what I get from this, you only need SO admin level to affect anything running on that hardware, u don't need physical or boot procedure access. This would mean u can run this exploits on a hired VM at amazon or azure and steal info from processes running on a different VM (as is the case with spectre and meltdown).
     
  12. JamesSneed

    JamesSneed Maha Guru

    Messages:
    1,001
    Likes Received:
    401
    GPU:
    GTX 1070
    No it's not the same. To pull this Intel exploit off one must be able to execute code ie run a program/script which doesn't mean you need elevated privileges. This new BranchScope attack is similar to Spectre. The recent AMD flaws required a minimum of admin access(one possibly physical access depending on how one could flash the BIOS) which is much harder to obtain.
     
    jaggerwild likes this.
  13. Turanis

    Turanis Ancient Guru

    Messages:
    1,642
    Likes Received:
    348
    GPU:
    Gigabyte RX500
    Another one for Windows 7 users,which patched Windows against Meltdown:

    Security researcher Ulf Frisk has discovered that Microsoft’s Meltdown security patch for Windows 7 and Windows Server 2008 R2 allowed normal processes to be granted full read and write access to the physical memory. This means that whoever managed to exploit the flaw would have obtained administrator privileges on vulnerable machines.

    The technical analysis of the bug and the proof-of-concept exploit posted on Frisk’s blog reveal that taking advantage of the bug was not at all a complex process.

    “No fancy exploits were needed. Windows 7 already did the hard work of mapping in the required memory into every running process. Exploitation was just a matter of read and write to already mapped in-process virtual memory. No fancy APIs or syscalls required - just standard read and write!” he posted.

    https://blog.frizk.net/2018/03/total-meltdown.html?m=1
     
  14. tsunami231

    tsunami231 Ancient Guru

    Messages:
    10,683
    Likes Received:
    624
    GPU:
    EVGA 1070Ti Black
    I guess this gona be the new rage, lets out ever single vunarbiltiy to the public now
     
    typhon6657 likes this.
  15. David3k

    David3k Member Guru

    Messages:
    101
    Likes Received:
    20
    GPU:
    Graphics Processing Unit
    From what I understand, this one is pretty high threat because of the fact it can exploit SGX enclaves (basically "protected code and execution" areas) that doesn't need any form of process or code elevation: you can run it in a userland inside an SGX enclave within a VM and it can still exploit neighboring SGX enclaves AND host metal; no admin, drivers, cracked bios or firmware flashing needed, just code executing the right order of commands (works with various languages and compilers) and there isn't any kind of protected memory space at all on the system.

    Fortunately, this can be fixed in software, but the OS and all programs have to patch to protect against this, so the burden is mostly on software devs who want to run securely on Intel hardware. From what I gather, this should have only marginal performance cost, but due to certain encryption assumptions being invalidated means program (and host OS) stability MAY be rocky (though shouldn't be an issue).

    Honestly, to go on a bit of a tangent here, this is why I like to manually control when and IF my system updates are installed: I like to sit on patches for a week or two before I install it, just to be sure nothing undesirable happens. Though I do pick certain updates, based on their descriptions and affected areas, to install right away because I'm certain they don't cause issues and the fifteen minutes a month spent on this practice has saved me from days of downtime.
     
    Last edited: Mar 28, 2018

  16. TheDeeGee

    TheDeeGee Ancient Guru

    Messages:
    6,710
    Likes Received:
    1,000
    GPU:
    NVIDIA GTX 1070
    No worries, we will get yet another patch followed by another leak etc etc.

    And at the end of the day with all 4792874525 patches applied our CPUs will perform like a Pentium 3.
     
    Dragondale13 likes this.
  17. RealNC

    RealNC Ancient Guru

    Messages:
    3,144
    Likes Received:
    1,373
    GPU:
    EVGA GTX 980 Ti FTW
    Screw this. I don't know about you, but I think it's time to go back to this:

    [​IMG]
     
    Last edited: Mar 28, 2018
    DLG, 321Boom, Killian38 and 7 others like this.
  18. rl66

    rl66 Ancient Guru

    Messages:
    2,544
    Likes Received:
    223
    GPU:
    Sapphire RX 580X SE
    it was quite good performance and lot of fun :)
     
    Darren Hodgson and DrCrow like this.
  19. RealNC

    RealNC Ancient Guru

    Messages:
    3,144
    Likes Received:
    1,373
    GPU:
    EVGA GTX 980 Ti FTW
    What do you mean "was?" :)
     
  20. tsunami231

    tsunami231 Ancient Guru

    Messages:
    10,683
    Likes Received:
    624
    GPU:
    EVGA 1070Ti Black
    Which was? the fun or good performance?, I got alot fond memory about my old 286 8mhz ibm, if that thing still worked i would throw in my original king quest 1~4 and Space quest games I still have discs for and play em, even joe montana football, Budokan, Mechwarrior etc, game that were games all about the gameplay
     

Share This Page