BitDefender Researchers Discover "Terrifying" Security Vulnerability in Intel CPUs

Zarathustra[H]

Zarathustra[H]

Extremely [H]
Joined
Oct 29, 2000
Messages
36,045
Another day, another Intel hardware security bug. This time it's called Microarchitectural Data Sampling (or MDS for short) and has been proven to work on Intel's Ivy bridge, Haswell, Skylake and Kaby Lake CPU's.

This vulnerability is particularly concerning because it allows an attacker to access privileged kernel-mode information.

I'm wondering if my aging Westmere-EP server and my Sandy-E desktop are affected.

So, how long before all CPU's return to being in-order designs? Out of order designs certainly have some real performance benefits, but it seems like they inevitably lead to vulnerabilities.
 
  • Like
Reactions: ChadD
like this
J

jeffj7

Weaksauce
Joined
Jun 2, 2012
Messages
113
my old 8320 starting to look good compared to the i5 my brother gave me if i have to disable hyper threading
 
  • Like
Reactions: xjfv
like this
L

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
7,293
Here's hoping Intel has a new architecture coming out soon, I understand that the Gen 8 and 9 chips aren't effected by this one but it is only a matter of time as those use the same underlying design.
 
Auer

Auer

[H]ard|Gawd
Joined
Nov 2, 2018
Messages
1,972
Tempted to turn MT off in Bios to see how the old Xeon 1620-0 would make out as a 4/4...
 
Nobu

Nobu

[H]F Junkie
Joined
Jun 7, 2007
Messages
8,957
Zarathustra[H] said:
So, how long before all CPU's return to being in-order designs? Out of order designs certainly have some real performance benefits, but it seems like they inevitably lead to vulnerabilities.
Click to expand...
It shouldn't be an inherent flaw of the process, just need to be smarter about how they do it. Of course, that doesn't mean a more secure method would be easier and more efficient than an optimized in-order process.
 
Tsumi

Tsumi

[H]F Junkie
Joined
Mar 18, 2010
Messages
13,608
Since Ivy Bridge is for the most part a die shrink of Sandy Bridge, any exploits on Ivy Bridge should be applicable to Sandy Bridge.

According to Intel, it's already hardware mitigated with their 8th and 9th gen processors. It seems at least for this particular exploit they have known about it for a while.
 
Legendary Gamer

Legendary Gamer

[H]ard|Gawd
Joined
Jan 14, 2012
Messages
1,272
Tsumi said:
Since Ivy Bridge is for the most part a die shrink of Sandy Bridge, any exploits on Ivy Bridge should be applicable to Sandy Bridge.

According to Intel, it's already hardware mitigated with their 8th and 9th gen processors. It seems at least for this particular exploit they have known about it for a while.
Click to expand...
Intel isn't doing anything other than Software and Microcode BIOS mitigation. If they ever fix all of these security holes their processors will be slower than Bulldozer... Intel cannot afford to lose performance when they currently have nothing to challenge AMD. They had the time to fix many of these issues in hardware already.

Regardless, I am running mostly Intel (9600, 8600, 7500..) due to the applications I use on a regular basis. At this point my old Ryzen 1700 is starting to look really damn good... Too bad I donated it to someone...
 
Zarathustra[H]

Zarathustra[H]

Extremely [H]
Joined
Oct 29, 2000
Messages
36,045
RPGWiZaRD said:
Intel's loss is AMD's gain, Ryzen starts looking increasingly more temptive for every new vulnerability with all the patches applied, someone needs to be doing a unpatched vs fully patched benchmark run and comparison to AMD CPUs.
Click to expand...


Hopefully when AMD's 7nm CPU's launch at least one of the remaining review sites will do due diligence and actually retest all historical CPU's on a current fully patched system, instead of just using numbers from their past tests...

I'd trust the [H] to get it right, but I'm not sure I trust any of these remaining clowns...
 
Tsumi

Tsumi

[H]F Junkie
Joined
Mar 18, 2010
Messages
13,608
Legendary Gamer said:
Intel isn't doing anything other than Software and Microcode BIOS mitigation. If they ever fix all of these security holes their processors will be slower than Bulldozer... Intel cannot afford to lose performance when they currently have nothing to challenge AMD. They had the time to fix many of these issues in hardware already.

Regardless, I am running mostly Intel (9600, 8600, 7500..) due to the applications I use on a regular basis. At this point my old Ryzen 1700 is starting to look really damn good... Too bad I donated it to someone...
Click to expand...

Are you just blabbing this out of your ass or do you actually have proof to the contrary? We know Intel can and does do shady things but one thing they cannot do is outright lie to their customers. Especially now when they're trying to rebuild their image.
 
Hagrid

Hagrid

[H]F Junkie
Joined
Nov 23, 2006
Messages
9,157
AMD may be doing well making their stuff better and faster, but at this rate Intel will be slower with all the fixes it needs by it's own hand.

How many more are they going to find and try to patch? :)
 
L

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
7,293
Tsumi said:
Are you just blabbing this out of your ass or do you actually have proof to the contrary? We know Intel can and does do shady things but one thing they cannot do is outright lie to their customers. Especially now when they're trying to rebuild their image.
Click to expand...
Well how they have fixed them to date is with bios patches for the most part so yes the flaws still exist, in the 8'th and 9'th gen they have a mitigation built into the chip which will probably be circumvented eventually as the underlying flaw in how the Intel CPU's do out of order execution still exists. So yes the correct fix is to not only disable hyper threading as that is where they start the attack from but to also disable out of order execution as that is where the actual flaw seems to be, which would essentially turn the most expensive of the i7's into large Atom's.
 
Tsumi

Tsumi

[H]F Junkie
Joined
Mar 18, 2010
Messages
13,608
Lakados said:
Well how they have fixed them to date is with bios patches for the most part so yes the flaws still exist, in the 8'th and 9'th gen they have a mitigation built into the chip which will probably be circumvented eventually as the underlying flaw in how the Intel CPU's do out of order execution still exists. So yes the correct fix is to not only disable hyper threading as that is where they start the attack from but to also disable out of order execution as that is where the actual flaw seems to be, which would essentially turn the most expensive of the i7's into large Atom's.
Click to expand...

Edit: NVM, misread.

As long as Intel can reasonably mitigate the exploit, things would be fine. Let's see how much of a performance impact the fixes have first.
 
L

Lakados

Supreme [H]ardness
Joined
Feb 3, 2014
Messages
7,293
Tsumi said:
If it is an inherent flaw that cannot be reasonably mitigated, then AMD is in the same boat. No reason to single out Intel here. I believe it is far too early to call the death of SMT and out-of-order execution, and this seems to be a flaw mostly focused on SMT vulnerabilities anyways.

As long as it can be mitigated to a level where administrative and/or physical access is required to execute the attack, I would call it reasonably mitigated.
Click to expand...
AMD might not be immune but their methods for doing both out of order operations and how they have managed hyper threading are drastically different, so an attack vector may exist in their chips but it certainly isn't going to be the same and given their market saturation there probably isn't a financial incentive to try to discover one where with Intel there is.
 
  • Like
Reactions: Tsumi
like this
C

clockdogg

[H]ard|Gawd
Joined
Dec 12, 2007
Messages
1,175
viivo said:
So Coffee Lake is fine?
Click to expand...

Nope. Not according to this report on Tom's.

"The Spoiler exploit is present specifically within Intel's Core CPUs, which include the original Core 2 Duo CPUs all the way up to Intel's most recent Coffee Lake, Kaby Lake, and Skylake CPUs, as well as future Cascade Lake and Ice Lake products. While Spoiler is similar to Spectre, it is a separate issue, making patches for Spectre ineffective against Spoiler exploits."
 
B

Burticus

Supreme [H]ardness
Joined
Nov 7, 2005
Messages
4,893
Oh great. Another round of performance crushing firmware updates for all my Xeon UCS blades. Bye bye, all my free weekends...
 
lostin3d

lostin3d

[H]ard|Gawd
Joined
Oct 13, 2016
Messages
2,043
Thanks! Seems this is one of the few that won't exploit my 2600k. Still rocking like a champ!

tenor.gif
 
Tsumi

Tsumi

[H]F Junkie
Joined
Mar 18, 2010
Messages
13,608
clockdogg said:
Nope. Not according to this report on Tom's.

"The Spoiler exploit is present specifically within Intel's Core CPUs, which include the original Core 2 Duo CPUs all the way up to Intel's most recent Coffee Lake, Kaby Lake, and Skylake CPUs, as well as future Cascade Lake and Ice Lake products. While Spoiler is similar to Spectre, it is a separate issue, making patches for Spectre ineffective against Spoiler exploits."
Click to expand...

This is not the Spoiler exploit. This is an entirely different attack dubbed MDS, which Intel had to be aware of for at least 3 years now to have implemented hardware fixes in Coffee Lake and Coffee Lake refresh. Now, whether or not the hardware fixes completely mitigated the exploit, there has been no independent confirmation as of yet. They are only announcing this now because they have bios updates and software updates ready.
 
Absalom

Absalom

[H]ard|Gawd
Joined
Oct 3, 2007
Messages
1,105
Out of order execution can be done selectively by a compiler, even on a CPU that doesn't even support OOE in hardware. There's nothing magic about doing OOE - it's literally the re-ordering of instructions so they are efficiently executed in a way that pipeline bubbles are eliminated or minimized. So even if OOE went away from hardware altogether (highly unlikely), it would still be an option via compiler. However, OOE via compiler would be opt-in and fall strictly under software tuning. Thus, lots of software would still lose out on free benefits if the hardware option were not present.

There's always going to be a tradeoff of performance vs security when it comes to these mitigations. They (Intel, AMD, etc.) need to go back to the drawing board and re-architect CPUs with security in mind. They've probably been using the same pro-performance design they came up with 20+ years ago. If it ain't broke, don't fix it mentality.

Not sure about the SMT exploits, but if I were to guess, that needs a re-architect.

Meltdown specifically targeted exploits in the Translation Lookaside Buffer. Those designs will need to be reevaluated.

We may be looking at a decade before we see a fully secure CPU emerge on the market.
 
C

clockdogg

[H]ard|Gawd
Joined
Dec 12, 2007
Messages
1,175
Tsumi said:
This is not the Spoiler exploit. This is an entirely different attack dubbed MDS, which Intel had to be aware of for at least 3 years now to have implemented hardware fixes in Coffee Lake and Coffee Lake refresh. Now, whether or not the hardware fixes completely mitigated the exploit, there has been no independent confirmation as of yet. They are only announcing this now because they have bios updates and software updates ready.
Click to expand...

Ah...so many exploits, if Intel can't keep up, I can't either...Thanks!
 
Red Falcon

Red Falcon

[H]F Junkie
Joined
May 7, 2007
Messages
11,890
Tsumi said:
Are you just blabbing this out of your ass or do you actually have proof to the contrary? We know Intel can and does do shady things but one thing they cannot do is outright lie to their customers. Especially now when they're trying to rebuild their image.
Click to expand...
Everything I have read online (at least available to the public) is that they are "allegedly" adding in Meltdown and Spectre vulnerability fixes natively into hardware with the latest CPUs and SoCs; no mention on fixes for any of the other numerous exploits, recent or otherwise.
It isn't shady at this point, considering everything that has come to light, it is just disappointing - hopefully they will fix all of this in time, but it is going to require some massive engineering workarounds, and proof to all consumers, before full trust will be restored.
 
Red Falcon

Red Falcon

[H]F Junkie
Joined
May 7, 2007
Messages
11,890
Absalom said:
Out of order execution can be done selectively by a compiler, even on a CPU that doesn't even support OOE in hardware. There's nothing magic about doing OOE - it's literally the re-ordering of instructions so they are efficiently executed in a way that pipeline bubbles are eliminated or minimized. So even if OOE went away from hardware altogether (highly unlikely), it would still be an option via compiler. However, OOE via compiler would be opt-in and fall strictly under software tuning. Thus, lots of software would still lose out on free benefits if the hardware option were not present.

There's always going to be a tradeoff of performance vs security when it comes to these mitigations. They (Intel, AMD, etc.) need to go back to the drawing board and re-architect CPUs with security in mind. They've probably been using the same pro-performance design they came up with 20+ years ago. If it ain't broke, don't fix it mentality.

Not sure about the SMT exploits, but if I were to guess, that needs a re-architect.

Meltdown specifically targeted exploits in the Translation Lookaside Buffer. Those designs will need to be reevaluated.

We may be looking at a decade before we see a fully secure CPU emerge on the market.
Click to expand...
From everything that has been tested online, outside of Spectre (any CPU ISA that uses OOE has this), AMD has not been affected by all of these exploits, SMT and OOE present or otherwise.
The vulnerabilities AMD has had requires root/admin privileges on the system to perform them, and at that point, there are bigger issues...

This isn't a flaw with x86/x86-64, it is a flaw with how Intel has been getting away with security holes that have added performance, but as of late, show how unsecure their CPUs/SoCs really are.
 
Tsumi

Tsumi

[H]F Junkie
Joined
Mar 18, 2010
Messages
13,608
Red Falcon said:
Everything I have read online (at least available to the public) is that they are "allegedly" adding in Meltdown and Spectre vulnerability fixes natively into hardware with the latest CPUs and SoCs; no mention on fixes for any of the other numerous exploits, recent or otherwise.
It isn't shady at this point, considering everything that has come to light, it is just disappointing - hopefully they will fix all of this in time, but it is going to require some massive engineering workarounds, and proof to all consumers, before full trust will be restored.
Click to expand...

Straight from Intel, Coffee Lake already has hardware fixes for MDS. There is no "alleged" for this vulnerability.
 
S

SvenBent

2[H]4U
Joined
Sep 13, 2008
Messages
3,322
Absalom said:
Out of order execution can be done selectively by a compiler, even on a CPU that doesn't even support OOE in hardware. There's nothing magic about doing OOE - it's literally the re-ordering of instructions so they are efficiently executed in a way that pipeline bubbles are eliminated or minimized. So even if OOE went away from hardware altogether (highly unlikely), it would still be an option via compiler. However, OOE via compiler would be opt-in and fall strictly under software tuning. Thus, lots of software would still lose out on free benefits if the hardware option were not present.

There's always going to be a tradeoff of performance vs security when it comes to these mitigations. They (Intel, AMD, etc.) need to go back to the drawing board and re-architect CPUs with security in mind. They've probably been using the same pro-performance design they came up with 20+ years ago. If it ain't broke, don't fix it mentality.

Not sure about the SMT exploits, but if I were to guess, that needs a re-architect.

Meltdown specifically targeted exploits in the Translation Lookaside Buffer. Those designs will need to be reevaluated.

We may be looking at a decade before we see a fully secure CPU emerge on the market.
Click to expand...

on itarnium OoOE was handled by the compilers and not hardware btw
 
J

jardows

2[H]4U
Joined
Jun 10, 2015
Messages
2,209
Nobody ever got fired for buying Intel. Security exploits that can compromise all your sensitive data? No problem, just keep buying Intel!
 
Monkey34

Monkey34

Supreme [H]ardness
Joined
Apr 11, 2003
Messages
5,138
"ZombieLoad affects every Intel processor made since 2011. The bug can even be used on virtual machines in the cloud."
 
dvsman

dvsman

2[H]4U
Joined
Dec 2, 2009
Messages
3,628
Wow I'm glad I made the jump when I did (5930k -> 1700 -> 2700x) - the bad news just keeps coming for Intel.

While I hope for more Intel price cuts, there always needs to be competition to keep the market innovation coming and prices in check.
 
You must log in or register to reply here.
Top