Intel wants to quickly take care of the vulnerability in processors, which has caused a sensation in recent days. According to its own statement , the company works with other processor manufacturers such as AMD and ARM Holdings together. The vulnerability allows attackers to access data stored in the kernel, such as passwords or other encrypted information.
According to Intel, the bug does not have the potential to corrupt, modify, or delete data . In fact, simple reading of data is at the heart of the problem. From Intel’s opinion is indirectly apparent when the first patches for the vulnerability can be expected: Next week they will probably be distributed.
First patches already distributed or in planning
Microsoft does not seem to want to wait for this and has distributed a first emergency update. According to the online magazine The Verge , it can already be downloaded on Windows 10 machines. However, systems with Windows 7 or 8 installed will not be updated until next Tuesday.
According to a blog post , Google has an update for the mobile operating system Android in the works, which addresses the error for ARM processors. The patch is expected by January 5th. However, the distribution on the many different Android phones should take longer. Google Chrome will receive a security update on January 23, version 64. Chromebooks and GSuite software should not be affected.
Apple expressed itself so far not clear to the security gap. The online magazine Macrumor speaks of a fix for MacOS 10.13.2, which was rolled out in December 2017. However, the problem is probably only for the most part and not completely resolved.
The devil has a name: Specter and Meltdown
The team from Google’s IT security department, Project Zero , said it had been aware of the bug since June 1, 2017. He has been told manufacturers such as AMD, ARM and Intel. So it’s not just Intel processors that are affected , as it was supposed to be , but also various other processors – including AMD and ARM CPUs. Google divides the gap into three categories and gives them two names: The first two categories are called Specter, the third Meltdown.
Under Specter Google sums up the error that actually protected data can be read out by mis-speculated execution of instructions of a CPU within the same process. This gap occurs in both Haswell Xeon processors from Intel and AMD CPUs FX and Pro series. The ARM Cortex A57 is also affected. This variant is called Google Bounds Check Bypass.
Under the same name, Google also poses a different problem: With normal user rights and a default configuration, read access to the virtual memory of a modern Linux kernel can be made provided the computer uses an Intel Haswell Xeon CPU. The reading speed was measured by the team at about 2,000 bytes per second. If the just-in-time compilation of the BPF is enabled in the kernel, this technique also works with AMD Pro CPUs. This is not the default.
Google was also able to reproduce Specter for a kernel virtual machine using the Intel Xeon CPU powered by virt-manager. However, the testers used an old kernel version of Debian. The kernel memory of the VM Host can thus be read at a transfer rate of 1500 bytes per second. Depending on the size of the RAM, the initialization takes a while – at 64 GB, it takes 10 to 30 minutes. This error is called by Google Branch Target Injection.
Meltdown probably affects only Intel CPUs
The second mistake, Meltdown, allows processes with traditional user privileges to read kernel memory under certain conditions. Google assumes that the kernel’s vulnerable data must be stored in the processor’s L1D cache for access to work. Here comes the problem with the speculative execution of Intel processors to fruition. According to Google, processors from other manufacturers are for the time being not affected by the error mentioned by the rogue data cache load.
To Meltdown also Linux developer Linus Torvalds expressed in a message. He has no good words left for Intel: ” A competent CPU developer would fix that by ensuring that speculative execution does not occur beyond protected areas,” hewrote. He also called on Intel to admit the mistake openly and honestly, instead of giving up “PR gibberish .”
AMD is only partially affected
In a separate statement Intel competitor AMD reports . It only affects Specter. The company’s security engineers divide the bug, like Google, into three categories: Bounds Check Bypass, Branch Target Injection, and Rogue Data Cache Load. The first error should be fixed by operating system updates from third-party vendors. In this case, a “negligible” performance loss is to be expected.
A threat from the second variant named Branch Target Injection, AMD almost does not exist. So far, this attack has not yet been adjusted on any AMD processor. Variation three is not possible on AMD processors, because the architecture of Intel’s processors is different.
0 Comments