Critical Flaws in Computers Leave Millions of PCs Vulnerable

The Spectre of Hardware Security Looming over Intel SGX
https://www.inpher.io/journal/spectre

 

Everything is a Big mess nowadays. Intel and Micro$haft is the Bell sheep as you can see. And not forget the Jokes pushed out called laptops When will it turn?

 

God save us all, no one feel safe anymore, I'm wasting a lot of time trying to protect myself, my family and all my friends. I start getting many laptops and PC's from my relatives complaining about problems, I found all of them related to Intel and Microsoft new issues. Hope that I can find a solutions for them soon.

 

Yep Intel is a lost cause and AMD is our savior for now.

 

AMD is fine for the new purchase, but what about our investment now with Intel.

 

I suppose it will be named Golden eye or Live or Let Die or YOLT.

 

Think of it as charity.

 

Yes maybe I will feel better this way .

 

All depends on your Kings decision, they can kick out Intel from ME/Asia and that will destroy Intel's Business. Hahaa.

 

I don't think they can do that not even close,
For our own good I don't recommend any technology owner to be kicked out, we need them all to compete and give us the best technologies with the best price. We are enjoying Intel and Microsoft and others for decades now, it's not fair that we deal with them very bad for some mistakes, maybe someone force them to do it and they have no choice. I'm not defending them but just to be fair.

 

Not to be kicked out for eternity but for sometime will certainly help in rebuilding their rep.
We have alternative these days Arm,AMD and others.

 

Practically, no one has the power to kick out such organizations from the market or even do anything, "[EDIT] except those who can kick out a president/king ", we have to deal with it. I feel so happy that we all now understand clearly all about what is happening offstage, now it's not heddin anymore.,

 

AMD ain't a option. Still lack proper overclocking and come with low stock clocks. + offer less performance. Even with the screw up from Intel and Micro$hity. You offer an even worse option

 

Its a new platform and majority of them prefer Intel over Ryzen. With time, the difference will not be huge like today.

 

I can see you think or hope that Intel will let AMD take their main and only advantage. AMD is Bang for Bucks. Don't have too big hopes they will take everything. Intel won't allow lose in every battle. If so... It's game over for them.

 

As if they will sit idly and watch AMD takeover their shares, they'll introduce some FW that will increase performance with increasing temps. Microcode level OC.

 

Dell Warns Customers Not To Install Intel Spectre BIOS Update Over Rebooting Concerns-hothardware.com
"It appears that the fallout from Intel's release of BIOS updates to address Spectre and Meltdown chip vulnerabilities continues to rain down on the PC community. Most recently, Dell has advised its customers against installing BIOS/microcode updates that have been distributed to address Spectre(Variant 2)."

 

Intel Microcode revision list for client - datacenter/ workstation.PDF

 

↑
Updated Intel-SA-00086 Detection Tool Version: 1.0.0.135 (Latest) Date: 11/27/2017 @Mr. Fox @Phoenix @Dr. AMK @Ashtrix +++ all not mentioned here.
Will the new one above work better?
↑
And Intel continue updating their detetion Tool. Now in 3rd version @tilleroftheearth Intel-SA-00086 Detection Tool Version: 1.0.0.146 (Latest) Date: 12/7/2017
Flawed firmware. And the detection Tool to see if you have their ****y ain't much better.
↑
Are they trying to hack the MEI themselves or even threaten users will updates every week or month. Atleast they could have given generic ME FW for all affected PCs.
↑
Amazing they needed 3 updates in short while for their detection Tool. When will Version 4th come?

Her we go... Version 5 Intel-SA-00086 Detection Tool Version 1.1.169.0 (Latest) Date: 1/24/2018 When will the 6th version come?

 

For those fretting or losing sleep over it, below is what Intel says about the new version. It appears the version update is only irrelevant to those that use AMT v8.x-10.x.

Spoiler: Intel Detail Description

Detailed Description

Purpose
The INTEL-SA-00086 Detection Tool assists you with detection of the security vulnerability described in INTEL-SA-00086. Read below for more information.

SA00086_Windows.zip: For Windows* users

This download contains two versions of the tool:

• The first version is an interactive GUI tool that discovers the hardware and software details of the device and provides a risk assessment. This version is recommended for a local evaluation of the system.
  
• The second version of the tool is a console executable that saves the discovery information to the Windows* registry and/or to an XML file. This version is more convenient for IT administrators wanting to perform bulk discovery across multiple machines to find systems to target for Firmware updates.

SA00086_Linux.tar.gz: For Linux* users
The version of the tool is a command-line executable that will display a risk assessment for the system being tested.

Note: Versions of the INTEL-SA-00086 Detection Tool earlier than 1.0.0.146 did not check for CVE-2017-5711 and CVE-2017-5712. These CVE's only affect systems with Intel® Active Management Technology (Intel® AMT) version 8.x-10.x. Users of systems with Intel AMT 8.x-10.x are encouraged to install version 1.0.0.146, or later, to help verify the status of their system in regards to the INTEL-SA-00086 Security Advisory.

 

Yeah, I won't lose my sleep over this, but 5 versions in a row Almost as the new modern Windows 10 "services". And you need only push out one or maybe a service pack. I wonder when they will throw out the 6th version. Maybe intended for GOD or super ADM?

 

Nice finding, they are floundering, they are trying to fix their failure and in the same time trying to cover their wounds, it will take some time until they stabilize their situation.

 

Yeah, It has been very quiet on their download site the last days after last miss with "crippled" Microcode intel.com/download/27337/Linux-Processor-Microcode

 

I don't understand why this kind of huge companies acting like that. Each time there are failures, bugs, malfunction, etc.... all the time the consumer is the one who bears the consequences??!! we didn't see one of those companies for example compensation their consumers by any way. They have earned billions from us, but once their is a problem, they act like they don't know who we are. This is not fair. Where is the international laws to protect us or any kind of regulations.

 

The European Union try as hard it can to fine the BIG international companies for abusing its dominance , but this is not enough. We need a BIG world wide International Hammer. People pay up to $2000 usd for flawed chips. Nice.

 

Well, I think more problematic thrashing like this happens during emergencies - and when the engineers are still getting a grasp of the situation and scope of the effects - it's alpha / beta code at best, but important enough to some to want to get it even with the possibility of failure or side effects.

The way the release is positioned should likely be improved explicitly to inform potential users of the code - so they don't think it's "finished" in function or form, and to maybe not release it through their own official channels of distribution as "finished" product.

I've noticed that iterative production releases like Google championed to improve release of technologies and new functionality without formal testing has blurred the lines of reality against long established expectations.

I expect these things to be buggy, many don't realize this is the way of software releases now, and still expect releases to be "perfect".

Most do not understand that there is a further requirement for careful monitoring of additional iterative update releases until problem(s) are declared "finished", which may also never happen, or at least for a longer than "expected" time frame.

You'd think Microsoft's Windows 10 Updates would have reset those expectations adequately already, but it appears people still expect other outlets to "do better".

Intel are doing the same as everyone else, releasing everything they come up with, and seeing "what sticks".

This is the new industry standard.

 

I'm not sure the new standard of often buggy releases pioneered by Windows 10 & Microsoft should be a yard stick for all future tech related releases in the industry - I hope not!

 

That's just it, Microsoft aren't the "first", they are following the long brewing industry "standards".

Reducing or completely removing alpha and beta testing cycles, with limited releases to carefully vetted customers that are themselves able to provide a high level of accurate and useful feedback to find and fix bugs in field installations that provide real world environments, is becoming a thing of the past.

Now the trend is for all customers, most that are / were unaware of the nature of the highly likely buggy state of the software, to be able to get such marginally tested releases.

That's why people still rush to download and install any and all software updates, hoping to get their problems fixed - not realizing they are opening themselves up to new bugs and no actual solution to their original problem.

That's why I won't touch Windows 10 until development is complete.

Once Microsoft stops feature updates, and focuses on bugs only; that's when the time to start watching Windows 10 more closely as a potential upgrade starts. Starts.

That's why Windows 8.1 and Windows 7 as feature complete OS's, with security fixes - and critical bug fixes - are the OS's to use for day to day production use.

Windows 10 is for bleeding edge development only.

Well, Microsoft considers anyone sucker enough to run Windows 10 as fodder to collect usage data, code failure data, and primarily for the $$$$ generated by collecting personal data, a new profit center.

Never run the current feature development branch of any OS as the base for useful reliable computer services.

The same goes for PC personal use. You can't expect stable OS operation unless you run the feature complete long term maintenance branch.

Don't you guys realize that yet?

 

Intel survived selling ****ty in all aspects P4 CPUs vs decent K7's available for a fraction of price - of course they will survive this, in my opinion.

 

People forget that even AMD's chips have bugs. Not at the same level, but they are not flawless. Of course they will survive this little bump on the road making more $$$

 

Maybe yes, maybe no...

It’s Happening – Attackers Start Testing Malware Exploiting Spectre and Meltdown Flaws
By Rafia Shaikh, 10 hours ago
https://wccftech.com/attackers-testing-malware-exploiting-spectre-meltdown/

"The details of the Spectre and Meltdown bugs have been out in the public for a few weeks now and barely any devices are patched up against these security disasters. Security researchers now report having discovered over 130 malware samples trying to specifically exploit these recently discovered and patched vulnerabilities. Mostly in the testing phase, successful attacks in the wild are expected to begin soon.

Fortinet reported that the security firm is tracking malware samples exploiting the vulnerabilities, most of which are based on the available proof of concept. “The rate at which the cybercriminal community is targeting known vulnerabilities is clearly accelerating, with the WannaCry and NotPetya exploits serving as perfect examples of the need to patch vulnerable systems as soon as possible,” the company wrote. “Which is why our concerns were raised when we recently learned about some of the largest vulnerabilities ever reported – ones that affect virtually every processor developed since 1995 by chip manufacturers Intel, AMD, and ARM.”

Researchers at AV-Test also reported seeing 119 new samples focused on these vulnerabilities between January 7 and January 22. In the past week, that number reached to 139. “Most appear to be recompiled/extended versions of the PoCs – interestingly, for various platforms like Windows, Linux and MacOS,” Andreas Marx, CEO of AV-Test, told SecurityWeek. “We also found the first JavaScript PoC codes for web browsers like IE, Chrome or Firefox in our database now.”"

It should be noted that the currently available samples are still in the testing phase as attackers are actively looking into ways to exploit these to extract data from affected systems. The vulnerabilities could enable attackers to bypass memory isolation mechanisms and access everything, including sensitive data like passwords.

While software companies and chip makers are scrambling to release updates that don’t break systems, Marx also advises users to switch off computers and close web browsers when not needed, which “should decrease your attack surface a lot.”

 

We will need Avengers franchise.
Papusan: BGA Punisher
Mr Fox: Mr. Iron Man, Kills BGA w/o adding Telemetry services to JARVIS.
Phoenix: BGA/LGA Savior aka High evolutionary's BOSS.

 

Intel Chips Face Another Possible Vulnerability

Intel's year isn't getting off to a very good start. Just after the discovery of a pair of critical vulnerabilities that have been in their chipsets for more than a decade comes the discovery of yet another serious flaw that could impact millions of laptops around the world.

A Finnish data security firm called "F-Secure" just reported an issue with Intel's Active Management Technology (AMT) that could allow a hacker to completely bypass the machine's normal login procedure and take control of the target device in under a minute.

AMT is an admin-level feature that allows organizations to control and manage large numbers of PCs and workstations quickly and efficiently via remote. To take advantage of the flaw, a hacker would need physical access to the machine, which is its one saving grace. However, if they have that, they can take complete control even if a BIOS password has been set.

While other research teams have discovered AMT vulnerabilities in the past, this one deserves special attention for three reasons:

• Once in control, the hacker could gain remote access to whatever network the machine is attached to at some later point.
• It affects almost all intel laptops, and odds are that if you're a business owner, there are a number of laptops with Intel chipsets connected to your network
• It's an incredibly easy flaw to exploit, requiring no code whatsoever.

F-Security Research Harry Sintonen had this to say about it:

"The attack is almost deceptively simple to enact, but it has incredible destructive potential. In practice, it can give a local attacker complete control over an individual's work laptop, despite even the most extensive security measures."

It should be noted that this flaw is in no way related to the Spectre and Meltdown vulnerabilities that have been reported on earlier, giving Intel a trio of nasty problems to deal with right at the start of the new year.

 

This has been posted many times, and I try to remind everyone that this is an Administrators responsiblity to set the Admin password and if the laptop has AMT to set that password too.

The Admin password and AMT password might be administrated by different groups, so you want to check with your employer which group manages which password, and get them to set it to their standard settings.

If it's your own laptop, why did you buy a laptop with AMT??

Just set the password for Admin and AMT so noone can get in to your BIOS while you are away from the desk at lunch.

 

The BIOS security options are available for long time now, the problem is no one is using them. I have been employed with many Government/Private sectors organizations, never saw any of those options were used anywhere, they are depending on Active Directory and Group Policies, or similar administrative solutions, so they just keep them at default setting all the time.

 

Well, unfortunately they need to be there, otherwise the people that do use them couldn't - they should be used. People should password protect their PC BIOS / AMT, it's just common sense.

It's a big problem everywhere.

A solution would be to issue cryptographic keys that are administered by the cryptographic manager onsite, but many places don't have any idea about this, so it would be a confusing waste of time and money to provide this for each PC.

So a simple no password or default password is given to every unit of the same model, for Admin and AMT, and unless you change the default - or set a password - it's open for anyone to use.

You also can't make the access only from the host OS, behind user or admin logins, as that would be putting the cart before the horse.

I suppose it's possible to make the user by default locked out of the BIOS / AMT, and use an online activation, along with an offline / phone activation like MS does for Windows, and other software does, but that would be a large cost currently not considered into the build of hardware.

Making it look like a new insecurity for Intel isn't really fair.

 

I pose a question...
How far do we think we are behind in processing power today, due to all the patches and additional layers of security that has been piled on over the years?
Of course, not all patches have negative affects, and may even improve performance.
But it makes you wonder just how advanced tech has become, held back by increasing security risks.

 

We didn't see anything yet, the real risks are still coming on the way.

 

An article by Toms Hardware dated from today, that tests Meltdown/Spectre patches vs No Patches to determine performance impact in gaming:
http://www.tomshardware.co.uk/gaming-performance-meltdown-spectre-intel-amd,review-34195-8.html
The short answer is that framerates were not affected. The longer answer is that we're still all waiting for Spectre Variant 2 patches to come through from Intel & OEM's in the form of BIOS updates that are likely to cause some slowdowns potentially. So this article can only test Meltdown as well as Spectre Variant 1 patches.

 

Intel Launches Xeon D-2100 Processors with up to 18 cores and 36 threads-Guru3d.com

Intel specifically mentions that the new processors are protected by software updates against the Spectre and Meltdown vulnerabilities

 

We have to wait and see. I really don't trust technologies companies those days, what is happening now on the market is so crazy, and everyday we are seeing more crazy stuff from HW/SW companies.

 

Well these chips just has uCode fixes and that's all. Looks like, Intel needs more money in R&D to solve the exploit called Spectre.

 

They are doing all of that deliberately to serve other purposes perhaps beyond their control. They don't need money, they needs ethics.

 

They don't want cloud servers to switch to EPYC and launched these just to make them happy.

 

Intel Releases New Spectre Patch Update for Skylake Processors
https://thehackernews.com/2018/02/intel-processor-update.html

After leaving million of devices at risk of hacking and then rolling out broken patches, Intel has now released a new batch of security patches only for its Skylake processors to address one of the Spectre vulnerabilities (Variant 2).

For those unaware, Spectre (Variant 1, Variant 2) and Meltdown (Variant 3) are security flaws disclosed by researchers earlier last month in processors from Intel, ARM, and AMD, leaving nearly every PC, server, and mobile phone on the planet vulnerable to data theft.

Shortly after the researchers disclosed the Spectre and Meltdown exploits, Intel started releasing microcode patches for its systems running Broadwell, Haswell, Skylake, Kaby Lake, and Coffee Lake processors.

However, later the chip maker rollbacked the firmware updates and had to tell users to stop using an earlier update due to users complaining of frequent reboots and other unpredictable system behavior after installing patches.

Although it should be a bit quicker, Intel is currently working on new patches and already in contact with hardware companies so that they can include the new microcode patch in their new range of firmware updates.

So far, the new microcode update only addresses devices equipped with mobile Skylake and mainstream desktop Skylake chips, leaving the Broadwell, Haswell, Kaby Lake, Skylake X, Skylake SP, and Coffee Lake processors still vulnerable to Spectre (Variant 2) vulnerability.

So, everyone else still has to wait for the company to release microcode updates for their systems.
"Earlier this week, we released production microcode updates for several Skylake-based platforms to our OEM customers and industry partners, and we expect to do the same for more platforms in the coming days," the company says in a blog post."We also continue to release beta microcode updates so that customers and partners have the opportunity to conduct extensive testing before we move them into production."

Intel has strongly urged its customers to install this update as soon as possible, because if not patched, these processor vulnerabilities could allow attackers to bypass memory isolation mechanisms and access everything, including memory allocated for the kernel containing sensitive data like passwords, encryption keys, and other private information.

Moreover, after the release of proof-of-concept (PoC) exploit for the CPU vulnerabilities last month, hundreds of malware samples are spotted in the wild, most of which are based on the publicly released exploit and designed to work on major operating systems and web browsers.

Although we have not yet seen any fully-featured malware based on Spectre and Meltdown vulnerabilities, it doesn't take much time for hackers to develop one.

So, users are urged to always keep a close eye on any update that becomes available on their system, and install them as soon as they become available.

 

Even though Intel have released a new microcode "just now" to solve Spectre on Skylake, that's only been released to OEM's - so we still have to wait for our motherboard manufacturers to provide us with a BIOS update that includes the microcode fix. In the case of my motherboard, it's compatible with both Kaby Lake & Skylake, so I think it's unlikely that MSI will release an updated BIOS until they have received the Kaby Lake Spectre-proof microcode from Intel too (which they are still waiting for), so I don't think I'll be getting an updated BIOS any time soon.

 

I wonder why they started with Skylake and not the newer Kaby Mind you, the OEM's prefer to patch their latest models first.