Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Discussion in 'Frontpage news' started by zero_cool, Jan 2, 2018.

  1. Denial

    Denial Ancient Guru

    Messages:
    12,782
    Likes Received:
    2,035
    GPU:
    EVGA 1080Ti
    It didn't suffer from any breach because the issue was only found recently. Once the patches are pushed they'll publish the full details on the flaw then any unpatched machine will easily be exploited.

    Also given the nature of distributed attacks, unpatched machines can be weaponized against users that have the patch in place.
     
  2. H83

    H83 Ancient Guru

    Messages:
    2,996
    Likes Received:
    520
    GPU:
    MSI Duke GTX1080Ti
    So apparently i misunderstood the VM part that means Virtual Memory instead of Virtual Machines, my bad! Thanks for the clarification.

    So basically Intel f**** up big time!!! I can´t imagine how server managers are feeling right now with this problems arising...

    Personally i´m not happy with Intel´s problems happening in the last years regarding their CPUs and AMD is looking more appealing by the second...
     
  3. nosirrahx

    nosirrahx Master Guru

    Messages:
    233
    Likes Received:
    76
    GPU:
    HD7700
    That is not how exploits like this work. Now that this is very common knowledge there will be a scramble in malware community to code exploits for it.

    On top of that an exploit can give all kinds of access including the ability to install software without permission. Creating a botnet this way would allow an attacker to weaponize your computer if you are not patched.

    This is like parents refusing to vaccinate their kids thinking that only their kids are affected. This is a very short sighted way to look at a very serious problem. The fewer PCs that are patched the bigger the problem grows.

    It will be interesting to see if older operating systems get patched. If there is an XP patch for this you can assume that this exploit is about as bad as it gets.
     
  4. mbk1969

    mbk1969 Ancient Guru

    Messages:
    9,210
    Likes Received:
    6,090
    GPU:
    GeForce GTX 1070
    All true, but the power of exploits are bigger than it seems for wide audience. Exploit in laboratory is one thing, and exploit in real life is another thing.

    And again if OS kernel needs to get security patch for CPU flaw then OS kernel is designed wrong.
     

  5. Evildead666

    Evildead666 Maha Guru

    Messages:
    1,285
    Likes Received:
    268
    GPU:
    Vega64/EKWB/Noctua
    Its not the OS Kernel's fault.
    Its that the problem can't be solved via a Hardware fix, so the only solution is to software fix.
     
    Alessio1989 likes this.
  6. D3M1G0D

    D3M1G0D Ancient Guru

    Messages:
    2,123
    Likes Received:
    1,358
    GPU:
    2 x GeForce 1080 Ti
    A vulnerability is a vulnerability, and absolutely needs to be patched. In particular, this is a hardware bug and affects a decade of CPUs so malware creators will quickly be jumping all over it, as it affects the vast majority of PC systems. This is a very serious bug, and you should never be willing to sacrifice security for performance.
     
    Alessio1989 likes this.
  7. Alessio1989

    Alessio1989 Ancient Guru

    Messages:
    1,798
    Likes Received:
    471
    GPU:
    .
    [​IMG]
     
    insp1re2600 likes this.
  8. Rich_Guy

    Rich_Guy Ancient Guru

    Messages:
    12,520
    Likes Received:
    572
    GPU:
    MSI 2070S X-Trio
    Patch coming on MS Patch Tuesday next week, but will you be able to get it seperately ?, as i can't get Windows updates anymore, and is it really needed, if all you use your rig for is gaming, and t'internet ?
     
  9. RealNC

    RealNC Ancient Guru

    Messages:
    3,142
    Likes Received:
    1,368
    GPU:
    EVGA GTX 980 Ti FTW
    The kernel needs to be designed the way the CPU expects it to. The CPU offers kernel mode and virtual memory, and that's what the kernel needs to utilize. It cannot use anything else, because there IS nothing else. This is how it works.

    That's like saying that if a car has a malfunctioning wheel, and you crash because of it, it's the driver's fault. Well, guess what. There isn't any other way to drive a car than to use the wheel. All you can do to fix it, is work around the wheel malfunction (like driving slower and use more force to turn the wheel, or whatever.) The wheel itself cannot be fixed in this case.
     
  10. mbk1969

    mbk1969 Ancient Guru

    Messages:
    9,210
    Likes Received:
    6,090
    GPU:
    GeForce GTX 1070
    Logic is simple: if this security threat can be fixed by patch for OS kernel then it means OS kernel permits to implement the threat. If such access from user space to kernel space was not possible at all then no CPU flaws could introduce a threat. When MS and Linux teams wrote kernels they did some compromise toward performance (because absolute protection usually perceived as an enemy of performance).
     

  11. Denial

    Denial Ancient Guru

    Messages:
    12,782
    Likes Received:
    2,035
    GPU:
    EVGA 1080Ti
    I mean is any patch "really needed" ? Like your PC will still work without it.. but the details we have so far is that it's an extremely critical vulnerability, so you can bet that there will be tons of malware that exploits it. The malware devs know that there will be tons of unpatched systems out there.
     
    Rich_Guy likes this.
  12. Embra

    Embra Maha Guru

    Messages:
    1,006
    Likes Received:
    258
    GPU:
    Vega 64 Nitro+LE
    I would hope a patch would be provided to all those possibly affected by this. The consumer is in no way at fault here, and whatever OS or CPU etc.... should make no difference. A patch needs to be available to all.
     
  13. mbk1969

    mbk1969 Ancient Guru

    Messages:
    9,210
    Likes Received:
    6,090
    GPU:
    GeForce GTX 1070
    I was sure you know that CPUs offer a facilities, and OS kernel teams can utilize them with some variety. For example, how address space is designed - kernel attribute not CPU, since CPU only offers mechanics for isolation, virtual-to-physical translation etc.
     
  14. Rich_Guy

    Rich_Guy Ancient Guru

    Messages:
    12,520
    Likes Received:
    572
    GPU:
    MSI 2070S X-Trio
    Best get patched then.

    Yeah true.
     
  15. Alessio1989

    Alessio1989 Ancient Guru

    Messages:
    1,798
    Likes Received:
    471
    GPU:
    .
    Do you know what the kernel of an OS does? It's not about compromises, it's about abstraction. If there will be OS kernel patches it's because the hardware has a serious fail in the design that cannot in anyway be patched by the producer (Intel).
     

  16. mbk1969

    mbk1969 Ancient Guru

    Messages:
    9,210
    Likes Received:
    6,090
    GPU:
    GeForce GTX 1070
    Usually cumulative updates are available to download through windows update catalogue.
    You can check for news and links here
    https://support.microsoft.com/en-us/help/4018124/windows-10-update-history
     
  17. D3M1G0D

    D3M1G0D Ancient Guru

    Messages:
    2,123
    Likes Received:
    1,358
    GPU:
    2 x GeForce 1080 Ti
    The patch is a workaround. The fault lies with the hardware, not the software (let's not shift the blame here - Intel is the one that is responsible for this).
     
  18. mbk1969

    mbk1969 Ancient Guru

    Messages:
    9,210
    Likes Received:
    6,090
    GPU:
    GeForce GTX 1070
    Yes I do.
    You can stop wasting your time trying to convince me on something.
     
  19. Rich_Guy

    Rich_Guy Ancient Guru

    Messages:
    12,520
    Likes Received:
    572
    GPU:
    MSI 2070S X-Trio
    airbud7 likes this.
  20. RealNC

    RealNC Ancient Guru

    Messages:
    3,142
    Likes Received:
    1,368
    GPU:
    EVGA GTX 980 Ti FTW
    The CPU guarantees that the memory wasn't accessible. That guarantee was broken. There's nothing wrong with the OS when it utilizes that guarantee. It's why that guarantee is there to begin with.

    With that thinking, the OS should not allow the use of GPUs. They could have bugs. Thus, an OS that allows use of GPUs is broken.
     

Share This Page