Intel security flaw

Message boards : Number crunching : Intel security flaw
Message board moderation

To post messages, you must log in.

Previous · 1 · 2 · 3 · 4 · 5 . . . 6 · Next

AuthorMessage
Sirius B Project Donor
Volunteer tester
Avatar

Send message
Joined: 26 Dec 00
Posts: 24875
Credit: 3,081,182
RAC: 7
Ireland
Message 1910535 - Posted: 4 Jan 2018, 16:14:40 UTC - in response to Message 1910516.  

Windows has an update - KB4056892
Win 10 only.
ID: 1910535 · Report as offensive
Ghia
Avatar

Send message
Joined: 7 Feb 17
Posts: 238
Credit: 28,911,438
RAC: 50
Norway
Message 1910540 - Posted: 4 Jan 2018, 16:26:40 UTC

May be dumb questions, but I don't mind if people see my lack of understanding.. ;-)
I do understand the basics behind these Meltdown and Spectre flaws...a flaw in the separation between kernel and userland.
What I'd like to know is what this actually means :
"Intel chips have been exploited so that an unprivileged, logged-in user can read out kernel data"
"Intel chips have been exploited so that a root user in a guest virtual machine can read out host kernel data"

For example, how easy is it for a hacker to become "an unprivileged, logged-in user". Can any counter-moves be made on this level ?

...Ghia...
Humans may rule the world...but bacteria run it...
ID: 1910540 · Report as offensive
Profile Siran d'Vel'nahr
Volunteer tester
Avatar

Send message
Joined: 23 May 99
Posts: 7379
Credit: 44,181,323
RAC: 238
United States
Message 1910541 - Posted: 4 Jan 2018, 16:26:45 UTC - in response to Message 1910516.  

Windows has an update - KB4056892

Check this is installed in Windows Update. Also requires a restart to install.

BIOS updates also coming from Intel via OEMs so check BIOS and firmware update status from Dell, HP etc depending on your machine manufacturer.

Greetings,

WTF? The above update is for Windows 10 PCs. I searched the catalogue for "2018 Windows 7 x86" and found KB4056897 for Windows 7. I downloaded it.

MUSP tells me: "This update is not applicable to your computer." How can an update FOR my computer, running Windows 7, not be applicable to my computer running Windows 7?

Is this, perhaps, just another bold attempt by Micro$oft to force me to upgrade to Windows 10?

BTW: The description for the file I downloaded was virtually the same as that for KB4056892, with the exception of OS of course.

Siran
CAPT Siran d'Vel'nahr - L L & P _\\//
Winders 11 OS? "What a piece of junk!" - L. Skywalker
"Logic is the cement of our civilization with which we ascend from chaos using reason as our guide." - T'Plana-hath
ID: 1910541 · Report as offensive
Keldon Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor

Send message
Joined: 28 Nov 17
Posts: 8
Credit: 124,341,599
RAC: 214
Channel Islands
Message 1910553 - Posted: 4 Jan 2018, 16:58:21 UTC - in response to Message 1910541.  

OK so from what I can see there are at least 45 Windows security updates released today across all supported operating systems.

But while Windows 10 updates seem to work on automatic, albeit with a manual restart, Windows 7 and 8 users have to go searching for the right update and download manually or wait till next Tuesday when they may work automatically.

However, there appear to be issues with the downloads for some systems.

Microsoft did not want to release until next Tuesday at the earliest but may have rushed them out today due to the publicity.
ID: 1910553 · Report as offensive
Profile Siran d'Vel'nahr
Volunteer tester
Avatar

Send message
Joined: 23 May 99
Posts: 7379
Credit: 44,181,323
RAC: 238
United States
Message 1910561 - Posted: 4 Jan 2018, 17:13:26 UTC - in response to Message 1910553.  

OK so from what I can see there are at least 45 Windows security updates released today across all supported operating systems.

But while Windows 10 updates seem to work on automatic, albeit with a manual restart, Windows 7 and 8 users have to go searching for the right update and download manually or wait till next Tuesday when they may work automatically.

However, there appear to be issues with the downloads for some systems.

Microsoft did not want to release until next Tuesday at the earliest but may have rushed them out today due to the publicity.

Hi Keldon,

So basically I should just wait for patch Tuesday and hope for the best. ;)

This was the first time having a problem with one of their .msu files.

At least this PC is up-to-date with the updates since installing Win7 on a new HDD.

Thanks for the response, Keldon! :)

Siran
CAPT Siran d'Vel'nahr - L L & P _\\//
Winders 11 OS? "What a piece of junk!" - L. Skywalker
"Logic is the cement of our civilization with which we ascend from chaos using reason as our guide." - T'Plana-hath
ID: 1910561 · Report as offensive
Profile Bernie Vine
Volunteer moderator
Volunteer tester
Avatar

Send message
Joined: 26 May 99
Posts: 9954
Credit: 103,452,613
RAC: 328
United Kingdom
Message 1910562 - Posted: 4 Jan 2018, 17:14:07 UTC

For example, how easy is it for a hacker to become "an unprivileged, logged-in user". Can any counter-moves be made on this level ?


I would like to know this as well.
ID: 1910562 · Report as offensive
Profile Jeff Buck Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester

Send message
Joined: 11 Feb 00
Posts: 1441
Credit: 148,764,870
RAC: 0
United States
Message 1910572 - Posted: 4 Jan 2018, 17:26:29 UTC

This PC World article has a pretty extensive explanation of what all is known so far.

Meltdown and Spectre FAQ: Fix for Intel CPU flaws could slow down PCs and Macs
ID: 1910572 · Report as offensive
Profile Ghan-buri-Ghan Mike

Send message
Joined: 27 Dec 15
Posts: 123
Credit: 92,602,985
RAC: 172
United States
Message 1910573 - Posted: 4 Jan 2018, 17:32:56 UTC

I'm old enough to remember the Pentium 60 processor flaw (pre-SETI). As long as you weren't running nuclear weapon yield simulations, the hue and cry far outweighed the impact.
I too will wait and see.
ID: 1910573 · Report as offensive
Profile Keith Myers Special Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 29 Apr 01
Posts: 13161
Credit: 1,160,866,277
RAC: 1,873
United States
Message 1910579 - Posted: 4 Jan 2018, 17:49:16 UTC - in response to Message 1910562.  

Since the mechanics of the exploit have not been publicly revealed, for good reason, we can only guess how it is achieved. The discussion I saw on a live feed last night made it seem to be VERY difficult. One thing that caught my attention is that memory spaces are already being randomized when the kernel switches in and out from kernel space to user space. So trying to find supposed leftover passwords in memory space would be VERY difficult because you would have to know where to look in the first place.

An no, there is nothing you can do on your end other than to wait for the OS patches and apply them when they come out.
Seti@Home classic workunits:20,676 CPU time:74,226 hours

A proud member of the OFA (Old Farts Association)
ID: 1910579 · Report as offensive
Profile Keith Myers Special Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 29 Apr 01
Posts: 13161
Credit: 1,160,866,277
RAC: 1,873
United States
Message 1910581 - Posted: 4 Jan 2018, 18:04:39 UTC - in response to Message 1910570.  

Oh come on now. What's the chance/risk, that any normal home user should be hit by the effect of these flaws?
Almost Zero for the sake of Dog. Don't get all worked up about this.

If there is a performance loss when applying any of these patches, I for sure will not apply them.
I'll wait a couple of weeks/months to read about all the screaming and shouting from people who find that their system
is up to 30% slower after applying these patches. Hehe, the noise from all the RAC chasers here. :-)

Geeze, what a ruckus for something that a normal home user really shouldn't worry a bit about.

For the type of things that most people commonly use a computer for, almost no detectable performance loss with the security patches.
Seti@Home classic workunits:20,676 CPU time:74,226 hours

A proud member of the OFA (Old Farts Association)
ID: 1910581 · Report as offensive
Ghia
Avatar

Send message
Joined: 7 Feb 17
Posts: 238
Credit: 28,911,438
RAC: 50
Norway
Message 1910585 - Posted: 4 Jan 2018, 18:11:26 UTC

I have applied the patch for my Win7 x64 system (KB4056897). Will be interesting to monitor if there is any impact to S@H.

Another funny thing MS came up with : "If you have not been offered the security update, you may be running incompatible anti-virus software and you should follow up with your software vendor. To help protect our customers from blue screens and unknown scenarios, Microsoft is requiring all anti-virus software vendors to attest to the compatibility of their applications by setting a Windows registry key."

As far as I understand it, this will be the case for all security updates from MS as of Jan.3.
Humans may rule the world...but bacteria run it...
ID: 1910585 · Report as offensive
bluestar

Send message
Joined: 5 Sep 12
Posts: 6995
Credit: 2,084,789
RAC: 3
Message 1910596 - Posted: 4 Jan 2018, 18:49:08 UTC
Last modified: 4 Jan 2018, 19:30:14 UTC

Come on, trust both Microsoft and Norton, if perhaps not any else.

As an example, we could make it both Home$Group User, or Update$User here, if not perhaps any S-1-2-3-4745 either, for that of the Registry,
but if a user could be hacking a system, either that of malicious code for that of a Trojan for doing so, or perhaps doing it directly using a port on a given computer.

This because there always should be a difference between that of technology itself, and also its use, and next that of a malicious user which could be carrying out a possible attack.

At least so for the worst things, except for perhaps others as well, which could be below, or further down in the queue.

Except for that, also a couple of other things more left to be watching right now.
ID: 1910596 · Report as offensive
Profile moi

Send message
Joined: 25 Dec 14
Posts: 11
Credit: 450,224
RAC: 0
France
Message 1910598 - Posted: 4 Jan 2018, 19:14:26 UTC - in response to Message 1910596.  

Why i would do this shit in my intel linux pc for SETI...

I will not apply this ...
ID: 1910598 · Report as offensive
Profile tullio
Volunteer tester

Send message
Joined: 9 Apr 04
Posts: 8797
Credit: 2,930,782
RAC: 1
Italy
Message 1910601 - Posted: 4 Jan 2018, 19:25:23 UTC

I am using only AMD Cpus both on Windows 10 and SuSE Linux. Should I apply the patches too? Microsoft sends me an upgrade every month, and I have no way to refuse it. I can refuse to install Linux updates, but so forth they have done no damages. I am running 4 BOINC projects using also nVidia graphic boards and/or VirtualBox.
Tullio
ID: 1910601 · Report as offensive
Profile moi

Send message
Joined: 25 Dec 14
Posts: 11
Credit: 450,224
RAC: 0
France
Message 1910604 - Posted: 4 Jan 2018, 19:29:28 UTC - in response to Message 1910601.  
Last modified: 4 Jan 2018, 20:29:17 UTC

tullio "I have no way to refuse it"

All windows can.

Windows update ==> Download but let me choose or disable.


Read this about meltdown https://meltdownattack.com/meltdown.pdf
ID: 1910604 · Report as offensive
Profile Mike Special Project $75 donor
Volunteer tester
Avatar

Send message
Joined: 17 Feb 01
Posts: 34253
Credit: 79,922,639
RAC: 80
Germany
Message 1910650 - Posted: 4 Jan 2018, 21:19:27 UTC - in response to Message 1910601.  

I am using only AMD Cpus both on Windows 10 and SuSE Linux. Should I apply the patches too? Microsoft sends me an upgrade every month, and I have no way to refuse it. I can refuse to install Linux updates, but so forth they have done no damages. I am running 4 BOINC projects using also nVidia graphic boards and/or VirtualBox.
Tullio


No, don`t do those updates.


With each crime and every kindness we birth our future.
ID: 1910650 · Report as offensive
Profile Bernie Vine
Volunteer moderator
Volunteer tester
Avatar

Send message
Joined: 26 May 99
Posts: 9954
Credit: 103,452,613
RAC: 328
United Kingdom
Message 1910655 - Posted: 4 Jan 2018, 21:26:02 UTC - in response to Message 1910650.  

I am using only AMD Cpus both on Windows 10 and SuSE Linux. Should I apply the patches too? Microsoft sends me an upgrade every month, and I have no way to refuse it. I can refuse to install Linux updates, but so forth they have done no damages. I am running 4 BOINC projects using also nVidia graphic boards and/or VirtualBox.
Tullio


No, don`t do those updates.

Not sure the Windows Home edition can refuse, if so I don't know how.
ID: 1910655 · Report as offensive
bluestar

Send message
Joined: 5 Sep 12
Posts: 6995
Credit: 2,084,789
RAC: 3
Message 1910661 - Posted: 4 Jan 2018, 21:48:39 UTC
Last modified: 4 Jan 2018, 21:51:00 UTC

The problem with not updating, except for that of a technological issue or problem in my case, is that the market for that of applications could be catching in and next bypassing a given technology,
because it could be for a general use or purpose for such a thing.

But except for such a market also sometimes legal as well, if not most of the time, also those things being mentioned for that of users and groups, and next also in a single name,
because we could be having the bad system for that of both errors and similar code, which next could be produced and become saturated, if not transmitted, across the web.

Therefore better have the updates, rather than not, and next also in a consecutive order.

Here for that of Windows only.
ID: 1910661 · Report as offensive
Darth Beaver Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Avatar

Send message
Joined: 20 Aug 99
Posts: 6728
Credit: 21,443,075
RAC: 3
Australia
Message 1910680 - Posted: 4 Jan 2018, 22:33:27 UTC

So the hackers are at it again , ummm that might just explain what happened 36 hrs ago to me

There I am sitting at the machine and all of a sudden I get this phone call on the landline ( I have fibre to the home and phone runs on that )

The number on the display was very weird 03 242 , weird in the fact there should have been a few more numbers .

So I pick it up and then hang up and go back to the computer.

I had face book open and I get a friends request, lucky Lee my girlfriend was here she tells me no don't add him I ask why and she tells me he's a friend of a friend .

I think nothing of it seeing as he has come up as a suggested friend , probably because Lee has him on her Facebook or because her other friend has him on his Facebook

I ignore it and about 5-10 mins later I get another friends request but this time it's some chick I don't know and is not on Lees facebook

So I try to delete that request I get a message that the persons profile does not exist I think mmmmm strange !

I then delete the other request and both of them disappear .

I can only think now I know there is a exploit with the CPU that some how they hacked the modem and was reading the memory and that is how I got the friends request and when that didn't work they tried a second one with a picture of some hot chick thinking I would add them .

Read my lips suckers I don't add people to Facebook unless I actually have meet you face to face or know you for a very long time so please don't bother trying to hack me I'm not a NEWBEE.

Also any Crypto I have is not stored on my home system so your wasting your time there and all accounts have 2 factor authentication so don't even try it with twitter as that was also tried about a week ago .

It's a dead give away when twitter asks you while you have the page open to change you password and after you do you get the mobile phone web site on you computer and not the normal web page site . Also not good to try and hack someone that has the screen in the lounge room where I spend most of my time witch means I'm in front of the dam machine almost 24/7

Gues the Dumb... thought I actually use a mobile phone like all the other people and have things like Twitter or Facebook on them . Maybe the phones do have them apps but I do not use a mobile smart phone for anything other than making phone calls or sending txt's I do not use phones for social media it's always been to risky to use them for that and is now even more so

So be warned a hackers first type of attack will be to use your social media via your smart phone to hack you

Watch a show called cyber war and you will understand how these people do what they do and how doing just simple things can stop them in there tracks

So be careful out there they may be now able to read your memory but I suspect there still going to have to fall back on other ways to actually hack you so don't let them and reject all requests from Facebook and twitter unless you really know the person .

Any accounts you have at banks or Bit Coin activate 2 factor authentication and then you should be ok . Also when you get weird phone calls go straight to your computer and wait for the hack and reject any friends request you don't know and turn up your security by having all accounts active with 2 factor authentication .

I would also say buy a second mobile phone and use that .

I have 2 mobile phones and the authentication is split between the 2 phones . Some accounts the 2 factor authentication is on 1 phone and some accounts are on the other 1 and use different passwords for every site

(It mite help to have a little Black Book to keep all the usernames and passwords in so you don't forget witch is witch ) But make shore you store said black book somewhere people can't get at it if your broken into and robbed
ID: 1910680 · Report as offensive
Profile HAL9000
Volunteer tester
Avatar

Send message
Joined: 11 Sep 99
Posts: 6534
Credit: 196,805,888
RAC: 57
United States
Message 1910694 - Posted: 4 Jan 2018, 23:39:19 UTC

I am not really worried about these issues for any of my home systems. As my systems would have to already become compromised by an attacker. At which point they could just access any data directly.

How it effects environments like AWS is really my only concern.
SETI@home classic workunits: 93,865 CPU time: 863,447 hours
Join the [url=http://tinyurl.com/8y46zvu]BP6/VP6 User Group[
ID: 1910694 · Report as offensive
Previous · 1 · 2 · 3 · 4 · 5 . . . 6 · Next

Message boards : Number crunching : Intel security flaw


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.