Plundervolt Intel microcode update potentially killing undervolting for security?

I just saw this story on Wired discussing a new vuln called Plundervolt that compromises SGX by timing an undervolt causing a fault writing to the secure enclave to expose secrets.

https://www.wired.com/story/plundervolt-intel-chips-sgx-hack/

Unfortunately there's potentially bad news in there which should be important for us notebook users that like to undervolt to manage temps better. Intel's microcode update locks voltages to their defaults.

Not sure which Intel products are affected or which vendors they are talking about, but I do know these microcode updates are pushed through windows update.

We should keep an eye out, or perhaps there's more detailed info available out there for the manner in which the microcode update will be deployed.

 

This ZDNet article has more info, and thankfully maybe we can avoid the update or not enable the setting if we like having lower temps.

https://www.zdnet.com/article/new-plundervolt-attack-impacts-intel-cpus/

 

Oh my god... These are such crap news for us notebook enthusiasts

 

Well that's bad news... Thanks for posting this.

Wiki says SGX was introduced with Skylake, so Haswell is still safe (undervolted and overclocked it can keep up with even the latest chips, 10K Passmark EZ ).

With locked voltages you'll never get maximum performance because Intel chips always run hot and throttle under full load (thanks in big part to laptop manufacturers and their "good enough" cooling). Another nerf to Intel.

I guess it's time to upgrade to AMD, hopefully Zen will come to mobile workstations.

 

This is really bad news, is this will effect our DTR's Laptops with Desktop CPU's?

 

It affects all CPU's after and including the Skylake family, it will only affect those that have SGX turned on(off by default), but given that the current "fix" is to disable undervolting at the BIOS/micro-code level...

Thing is, its another glaring security hole, so Intel will pressure MS to bundle that micro-code into the windows micro-code DB so that Windows loads it before loading the OS, so, this will make us either live with that, or change the name of that file so that Windows wont update the micro-code during run time.

Also, will this lead to Intel flat out disabling undervolting/locking the MSR registers a lot in newer CPU's?
I would expect to see newer revisions of current models having this micro-code programmed at the factory and then nothing can be done to revert that..

 

Not to mention further future microcode updates that may fix other issues. We night be able to stop this particular one, but I do worry about the decision getting tougher down the road. Hopefully it's configurable somehow, but I'm not holding my breath. Especially for the windows microcode update side of the equation.

Sent from my Pixel 3a XL using Tapatalk

 

I received a BIOS update today and applied it to both my Skylake machines. On undervolted laptop, it seems to hold according to HWInfo... SGX is off. Maybe it's just a coincidence and this particular fix was not included...

 

Check micro-code revision with hwinfo.
Also, brand/model of the laptop?

 

I'm on B4 for Kaby Lake-H after last update from MS.

 

I'm on B4 too

 

Intel just can't get a break...if we can't adjust voltages live in the OS, maybe we can in the BIOS? And, perhaps there is a disable bit to allow users to disable the protections - at least long enough to establish the undervolt parameters for setting in the BIOS.

IDK if AMD is immune to this attack or not, but if Intel and ARM are vulnerable it's likely AMD will need to respond to this attack as well.

Hopefully the CPU control tools offered by each vendor - Intel XTU, AMD Ryzen Master, ARM? - will be able to have exceptions to make tuning changes even if such tuning is locked away from user processes.

 

D4 Skylake. Thinkpad Yoga 260.

 

Is there anyway to tell if we're impacted by this or if the fix has been applied?

 

Plundervolt?

Man.. they really need to come up with a cooler and more 1337 name for this one, something that goes well with Spectre and Meltdown. For that trifecta of exploits.

Something like 'undercore' or 'maelstrom'

 

Sh1tstorm - Intel Inside

 

Watch out, they know where you live thanks to the IME

 

Plundervolt is genius. Plundering secrets by undervolting..

 

ElectroHack 5000

 

I wonder what ODM notebook manufacturers that will screw up and fully lock bios first...
http://forum.notebookreview.com/threads/the-throttlestop-guide.531329/page-1076#post-10974273

 

Probably the usual suspects, looks like Dell for sure.

I'm wondering how system builders that have started undervolting by default are going to do. i.e. Apple and Razer I think.

Probably time for intel to stick one extra character on some of these model numbers so they can release a chip undervolted from the factory that's guaranteed to run at -100mV.

 

That's what I am expecting as well. Intel will be motivated to generate some kind of standard undervolt at the factory to satisfy the need for precise tuning of voltage for their CPU's. Or do what AMD does and automate the voltage and other tuning in the field installation - in the PC's in real-time.

I'm happy letting the automation find the highest best optimizations for performance - while automatically tuning for stability in real-time. We shouldn't need to do that manually - it's really a waste of time - that takes time away from the real reason we have the PC - to do work and play games. Intel should have been doing that all a long.

 

Just waiting for someone to reverse engineer intel microcode...

 

Trying to mess with MSR this morning on my Intel laptop :



Well, ok. Time to build an AMD rig.

 

Its encoded with something like RSA-4096, can't reverse what we can't even read.
At most Intel ME for 65/75 series chipsets was half reversed, thats why me_cleaner exists:
https://github.com/corna/me_cleaner

And its known that Intel CPU's run a Minix OS inside them while running with at least -2 ring access(aka everything, and a couple levels above admin/sudo), if someone ever cracks it, Intel is just done, because who cracks it just has the keys to every Intel CPU on earth due to the remote access tools that Intel ME provides..

 

Im sure someone has cracked it, just got to lure them out now and steal their technique during that process That might attract some bad attention though. I am unfortunately not big into programming, despite doing some of that long ago. Really though, whats the most anyone has tried? I find it hard to believe someone hasnt tried doing their own OS mapping doing it piece by piece with an older laptop kind of like how people reverse engineer older hardware for fun.

 

Why a microcode update? Doesn't bit 20 of MSR 0x194 work anymore to lock voltage settings until reboot? Would overclocking into instability also produce similar results with this vulnerability?

If this is all there is to worry about after 6 years then personally that's a relief although still a nuisance. My personal concern was for something like "killervolt" ( a play on kilovolt too). Just made up that name so don't bother googling it Not undervolting the CPU but maliciously overvolting it into oblivion!

 

Interesting thought, I bet it works the other way around, just a matter of if they can spike voltage quick and high enough to kill the chip.

 

Data collectors aren't trying to kill the data collection device, they are trying to "tickle" it to give up it's secrets. Plus you wouldn't want to create a noticeable disruption in function to the device while collecting data. Any such indications would alert the owner and cause them to take action which could end future data collection.

The Attacker will want their Victim to remain oblivious and complacent.

 

If wanting to collect data, identity theft then sure but that's only one type of person / organization. The early days of viruses, stoned comes to mind, were never about collecting data. To this day I'm not really sure what it was about, whether attention grabbing, causing disruption / mayhem or the person(s) thought it would be fun, such is the mentality of some people. I also don't think "Denial of Service" is dead either.

 

Collecting data has always been an important component - if only to gain leverage to replicate and propagate - to know it's environment - or to confirm claimed intrusions. Data can take many forms and have many uses - immediate use on site and communicated elsewhere for long term use.

Once past intrusion and marking coup - leaving their mark on the Victim's computer or account, in the beginning the payload was the replicant and means for propagation to the next Victim's computer.

There are many means and motivations along the way to today. But data gathering was always a component as it is necessary to see what is out there and report back the findings.

Today much of this is streamlined and simplified down to the goals and no trace is left behind in operation.

Here's a brief history, there's so much more info out there, but it's a good review of early times to the current time of the article:

Nov. 10, 1983: Computer 'Virus' Is Born
IM ZETTER, 11.10.09 12:00 AM
https://www.wired.com/2009/11/1110fred-cohen-first-computer-virus/

"...Viruses have proliferated rapidly since then, and malware has become more sophisticated and more vicious. The motives of malware writers have changed as well – instead of doing annoying tricks to your computer to get attention, the majority of programs sit stealthily on your computer to steal data, siphon money from online bank accounts or turn your system into a zombie for spam-spewing botnets."

And, that article was from 10 years ago... much has happened since then.

 

I'll post reviews about D6 uCode which I found in Intel uCode repo at Github.
I'm on D4 and my PC performance is bad when CPU usage is capped at 100%.

 

Especially this day and age where a lot of the extremely complicated vulns are found or used by criminal organizations or nation states for the purpose of data exfiltration or such activities. They have teams people that clock in and out from 9-5, it's a normal 40 hr a week job for them. Thankfully we have quite a few people around like Tavis Ormandy that can find some of these problems and facilitate them being patched.

 

No it hasn't as I already stated with example.

If that is supposed to be directed towards myself then FYI I'm not a teenager, in fact in 1983 I was already well past being a teenager and actually lived the moment.

Seems you've made up your mind on this and that's fine, it's your prerogative and I sincerely hope your right that we won't see some CPU killing malware. Best of luck with that, I myself will continue to set my voltages as I want them and lock them afterwards without any special microcode and zero performance loss. I thought some others might want to do the same or at least comment on whether the locking still works on newer processors, seems I'm wrong. Oh well, my bad.

P.S. Wishing all a Merry Xmas.

 

The CPU will shut down before any damage occurs.

 

One example of an exception doesn't make a global definition.

Well, I didn't say it wasn't a good idea to undervolt - it generally is a good idea - and I don't care either way about locking the voltage, because I don't think it's necessary.

If it becomes the default to lock the voltage after tuning, why not? It's not been done because we haven't had a need for it for decades of undervolting.

Why? Because we know from experience that overvolting causes instability and a halt to processor operation before the CPU will be damaged.

Even if the CPU voltage was raised into the "danger zone" - high enough to be deleterious in the long term, that high voltage will show up as system instability when users game or run CPU intensive activities.

It's a self alerting problem - "hey, why has my PC started crashing?" or "hey, why has my CPU temperature gone into thermal throttling?"

BTW, back in 1983 were you directly involved in exposing vulnerabilities, making defenses for them, and tracking and prosecuting intrusions? If not then maybe I've had a bit more experience in this than you have?

I also didn't say you were young - as that hardly matters. There may be far more people my age that don't know what the history of viruses are - but being young is no substitute for experience.

As time went by more and more people entered the internet and became more and more savvy, but few of them had direct experience with vulnerabilities and implementing mitigations for defenses for computer intrusions.

Most people don't deeply explore the technical side of virus's, vulnerabilities, and overclocking deep enough to know what's what.

It's taken decades for young people to be born into it so to speak after I started on vulnerabilities and mitigations. Even so they really won't know what's what any more than anyone else that doesn't directly work in the field - with enough hand's on in the defense of intrusions.

I was fortunate in that I was directly involved in defense against intrusions with mitigations in the mid-70's onward, so I have a direct hands on knowledge of what's what with what was done back then through the present.

I'm also certainly not saying overvolting can't cause problems, but more than likely it's going to cause instability long before it kills the CPU or does damage to any other support hardware.

Every CPU is different, even if the range is known the exact window of instability can be much lower than other CPU's and those canaries will crash and alert the community on what to look out for and mitigations can be implemented quickly and distributed quickly through anti-virus and anti-malware distribution.

For example Norton Updates every few hours and quicker through community updates. So scans to find the offending malware can be quickly done and the offending code quarantined. And, so do most other defenses these days.

But, just because I can't see the need for it, that doesn't mean it wouldn't be fun to explore and do, so go for it. There's a lot of unneeded work going on out there, most of it in fact, but that's a good way to learn and gain experience for the things that really matter later on down the road.

There may not be any choice coming up if Intel itself locks the voltage such that no one can change the voltage. Hopefully Intel will allow changing the voltage in the BIOS before the hand off to the OS. New CPU's will have built in firmware changes onboard, we won't be able to disable voltage locking, and that will change everything.

Happy Holiday's

 

Exactly. All the overvolting I've done over the years results in either thermal throttling making the setting useless - and immediately noticeable, or the CPU doesn't boot via protections or simply inability to function.

But, there are examples of people that through constantly abusing the CPU through overvolting for overclocking where the CPU eventually fails. It's not happened to me, but I have seen it reported.

I don't think that can be bottled into a payload that could do that with every CPU as it would need to be an automated fine tuning of voltage to constant and steady high voltage abuse over a long period - finding that sensitive point that would work enough to run but be too high to be safe for the CPU wouldn't be possible without a lot crashes and reboots.

It wouldn't be something that would be triggered immediately causing a CPU to fail, it would need to happen over time. Enough people would notice the performance hit from thermal throttling, or get alarms for over temp, or get crashes from instability and alert the malware community to find a mitigation and deploy it.

It's an interesting possibility, but in actual practice I don't think it's going to be an issue or cause mass CPU failures.

 

Yeah, overvolting to try to increase an overclock is a trial and error practice, as you say you'll see crashes and instability well before any damage occurs. Even if the overvoltage was set to a value where 99.999% of CPUs would still function, just run a little hotter, would probably never cause any damage even over years of use. And even then you'd have to have a huge table of CPU model numbers and even notebook/laptop model detection to figure out what that value should be for a specific case. Maybe if you targeted some very popular units like dell or apple.

No one interested in building malware would waste their precious time with a project like this without some type of real payoff. Doing something like targeted data exfiltration or crypto-currency mining would actually have a payoff for your time spent.

There's much easier ways of destroying someone's day with malware like erasing their data or encrypting it like the ransomware that bad actors are using. Doing that would be WAY easier than trying to fry a CPU.

 

tl;dr - " What is the issue?
External Researchers informed Intel of a potential vulnerability that could impact the security of Intel® Software Guard Extensions (Intel® SGX). This issue may occur when using software that enables the user to alter voltage operating points.

Affected Products:
Intel® 6th, 7th, 8th, 9th & 10th Generation Core™ Processors. Intel® Xeon® Processor E3 v5 & v6 and Intel® Xeon® Processor E-2100 & E-2200 Families.

How is this potential vulnerability mitigated?

The BIOS updates mitigate the issue by locking voltage to the default settings."
_______________________
Intel has been aware of and working on this since notified in June 2019:

"Researchers from University of Birmingham, KU Leuven and TU Graz provided Intel with a Paper and Proof of Concept (POC) in June 2019 and researchers from Technische Universität Darmstadt and University of California provided a Paper and Proof of Concept (POC) in early August 2019. Intel subsequently confirmed each submission demonstrated this individually.

Researchers from University of Maryland and Tsinghua University provided Intel with a Paper in late August 2019 describing this issue.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available."
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00289.html

And, Intel says these products are affected:

" Affected Products:
Intel® 6th, 7th, 8th, 9th & 10th Generation Core™ Processors. Intel® Xeon® Processor E3 v5 & v6 and Intel® Xeon® Processor E-2100 & E-2200 Families."

Which is pretty much all Intel CPU's we are using today and for the last decade, much like the Spectre and Meltdown, MDS etc etc etc.

Intel lists the Vulnerability Details:

" Vulnerability Details:
CVEID: CVE-2019-11157
CVSS Base Score: 7.9 High

Description: Improper conditions check in voltage settings for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege and/or information disclosure via local access."

And Intel has already released the mitigation as a firmware update sent out to vendors to include in their next BIOS update, so it's out there and live now - the firmware mitigation could be included in future BIOS updates - and included in Microsoft Updates too:

Intel® CPU Voltage Settings Modification Advisory, Disclosed December 10, 2019
https://www.intel.com/content/www/us/en/support/articles/000055804/processors.html

" General Q&A: (shortened)

What is the issue?
External Researchers informed Intel of a potential vulnerability that could impact the security of Intel® Software Guard Extensions (Intel® SGX). This issue may occur when using software that enables the user to alter voltage operating points.

How is this potential vulnerability mitigated?
The BIOS updates mitigate the issue by locking voltage to the default settings.

Is this issue linked to any specific operating system (OS) type or is the issue independent of OS types and versions?
This issue is independent of the OS type and version.

Can I still overclock?
Intel recommends you contact your system manufacturer to determine if your system supports overclocking.

My system manufacturer does not have any update available yet, what should I do?
Unfortunately, Intel cannot dictate nor control when our ecosystem partners release updated BIOS or driver files. We recommend that you request an estimate on when the update will be available."

This vulnerability is only one of 11 advisories issued by Intel in December 2019:

IPAS: SECURITY ADVISORIES FOR DECEMBER 2019
https://blogs.intel.com/technology/2019/12/ipas-security-advisories-for-december-2019/

Here's one of the sources of the discovery of the vulnerability:

Undervolting allows attacks on Intel's secure enclaves
Posted on 11 Dec 2019
https://www.birmingham.ac.uk/news/l...allows-attacks-on-intels-secure-enclaves.aspx

Sorry if I've repeated anything already posted, I'm trying to summarize after catching up, hopefully it helps someone else too.

 

No, there are a ton of people that plan to do the same thing. Security always takes a back seat to performance and functionality for me and many others. I also have no plans to stop using Windows 7 for as long as I can find driver support for my hardware.

 

Time to repaste because w/o undervolting temps have increased by 15C. I can't live w/o undervolting!

 

If the microcode update was bundled in a Windows update, would that disable bios undervolts?

According to the article the issue could arise when using a SW to undervolt ... I personally undervolt in the Bios, so unless I do a bios update with the new microcode, I don't think windows can overwrite that.

 

Just a clarification, does the Plundervolt <strike>fix<strike> patch disable undervolting on a software-only basis? If I have an unlocked BIOS which allows voltage adjustments within the advanced CPU settings, will I be locked out by a windows update? I'm not going to update my BIOS, just preparing in case a windows update comes along.

If I disable Software Guard Extensions in the BIOS, will that prevent Windows Update from identifying my laptop as vulnerable?

My 7Y30 is on 0x8E btw.
View attachment 181228

 

That's how it sounds, a Windows Update delivered patch + a BIOS Update, not sure if they split the implementation - both are required - or if the Windows Update that is more quickly distributed locks out voltage tuning in Windows at boot time and then the BIOS update with the same firmware then locks out voltage tuning in the BIOS - negating the need for the Windows patch.

Either way the goal is to lock out exploits depending on voltage tuning induced instability. Done in the BIOS is the more sure method, but that will take vendors time to integrate. The Windows Update to patch firmware at boot time can be distributed much quicker - but no word as to when either will hit.

What is concerning is that the plundervolt firmware voltage tuning lock down could be the start of a trend to lock out other user tuning that could lead to similar instability induced data exposure.

Some have already complained about BIOS update killing their undervolt - but so far it has all been false alarms. We should hear the real effects of the firmware patch from users soon if Intel's notice is to be taken literally.

We really don't know yet, but I would assume if you set the voltage in the BIOS the firmware loaded at Windows boot time would simply stop further changes to the voltage under Windows.

When the BIOS update hits, IDK if Intel will lock out voltage changes as it's handing off to the OS or if it will also lock out user set BIOS voltage settings already existing - that would seem a bit harsh.

But, if Intel is trying to lock down the voltage setting to what is guaranteed stable - keeping the end user from inducing instability before Intel has a chance to lock out such changes - then I would assume Intel will want to lock out voltage tuning in the BIOS as well.

We'll have to wait for Intel's implementation of the mitigation to show up to know for sure how strict it will be.

 

Well ... Then no bios updates for me. My machine is running fine and I intend to keep it that way.

In case a new vulnerability that would necessitate a bios update is discovered, I will have to weigh the pros/cons then.

 

Another user report...

Intel XTU and ThrottleStop no longer working to undervolt Xeon E-2186m after firmware update
http://forum.notebookreview.com/thr...lt-xeon-e-2186m-after-firmware-update.831546/

 

I read the docs and videos at plundervolt.com and they suggest applying the new uCode(which is buggy for some and causes PCs to not boot eg. Asus Zenbook etc..) if you are using SGX in your application with Secure Conclave or Enclave features!
If you disabled SGX in BIOS, nothing happens to undervolt values since SGX is disengaged and undervolts higher 230mV will work now w/o calc errors! If you enable SGX (Stock locked BIOS has it enabled dating back to 2012/2013 on supported hardware vPro/Non-vPro) undervolts will be locked out but for max security and A51M like white smokes if your CPU is already throttling due to Superior Cooling design(pun, intended).

 

Microsoft "fixed" this with a firmware patch on the Surface Laptop 3. No undervolting possible now.



https://www.reddit.com/r/Surface/comments/ex7de6/new_surface_firmware_released_breaks_undervolting/

 

Bummer. But, it confirms they're retarded.

 

Buy notebooks from the devil himself is probably the worst you can do. They sit on top of the crippling foodchain... The master for the OS and determine how patches should be implemented, own distribution of firmware and drivers. Doomed to oblivion.

Said this before... Up to the notebook manufacturers how they will implement Intel’s security patches.

Microsoft is probably the worst of them all!

What a beauty from the link... “just lost about 40% sustained performance as the new firmware now forces wattage back down to 15watts and isn't respecting my TDP settings”. Yeah, this sucks pretty hard.