Intel Claims 90 Percent of Affected CPUs Have Live Patches Just as Rumors of New Attacks Arrive

This morning in a press release, Intel announced that it has “issued firmware updates for 90 percent of Intel CPUs introduced in the past five years.” But it’s possible the flurry of patches is just beginning.

These Intel CPU updates patch major vulnerabilities known as Meltdown and Spectre, which security researchers say affect most CPUs—including Intel’s.

If you happen to have an Intel CPU made in the last five years, it might be time to consider applying one of those firmware updates just in case even more patches are imminent: Today the security world is wondering whether a new pair of attacks that are allegedly based on work related to Meltdown and Spectre is on the horizon—or just a hoax taking advantage of CPU-exploit fears.

It’s been two weeks since The Register reported that nearly every CPU made in the last few years was subject to these severe security vulnerabilities, which could give bad actors access to some of your most precious data. Since then, Intel, which is reportedly most affected by the vulnerabilities, has been hard at work doing damage control. CEO Brian Krzanich tried to distract during his keynote at CES last week with esoteric talk of data and AI, and the company has been fairly religious about updating consumers as to the status of patches.

It’s a nice turn for a company that reportedly sat on the news of the vulnerability for months. The latest update notes that while 90-percent of Intel CPUs made in the last five years have had firmware updates there is “more work to do.” For Intel that’s investigating a problem that finds patched CPUs, based on Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake, rebooting too frequently.

In the press release today, Navin Shenoy, executive vice president and general manager of the Data Center Group, said, “We have reproduced these issues internally and are making progress toward identifying the root cause. In parallel, we will be providing beta microcode to vendors for validation by next week.” Which means we should, hopefully, be getting fixes to the reboot problem in short order.

Shenoy also addressed the reports that patched CPUs will operate more slowly. While this data is limited to only a few server-focused benchmarks on server-grade CPUs, it is some of the first hard facts we’ve seen about how slow these CPUs will actually get with a firmware upgrade.

According to Shenoy, most processes saw negligible changes in performance. However “the workloads that incorporate a larger number of user/kernel privilege changes and spend a significant amount of time in privileged mode will be more adversely impacted,” he said. In one benchmark the processor saw a 25-percent decrease in performance.

What that will actually mean for end users trying to process videos in Handbrake or edit photos in Adobe Photoshop, or even just playing around in PUBG, remains to be seen. Testing on consumer level products has been more difficult as the patches issues are frequently wrapped up in larger patches, which means there’s often too many variables to take into account. A drop in performance could be related to the firmware upgrade or it could be related to a tweak to Windows or MacOS.

Either way, it’s probably a good idea to suck it up and face the slowdown and reboot problem since things may get worse before they get better. A website that began going viral today, Skyfallattacks, suggests more potential attack vectors are imminent. Currently, the site is basically just some text that alludes to two allegedly potential new attacks dubbed Skyfall and Solace. (Someone out there really likes Daniel Craig’s James Bond—marketing!) Little is known about this new pair of alleged exploits, and it’s entirely possible they’re entirely bullshit.

Following the recent release of the Meltdown and Spectre vulnerabilities, CVE-2017-5175, CVE-2017-5753 and CVE-2017-5754, there has been considerable speculation as to whether all the issues described can be fully mitigated.

Skyfall and Solace are two speculative attacks based on the work highlighted by Meltdown and Spectre.

Full details are still under embargo and will be published soon when chip manufacturers and Operating System vendors have prepared patches.

Again, this is all the information we have so far about Skyfall and Solace. Are they real exploits? A hoax meant to get everyone in a tizzy? Some nonsense marketing hype? We reached out to Intel to find out if they have any additional info, and we’ll update when we hear back.

Still, Skyfall and Solace aside, the Meltdown and Spectre debacle is far from over. Any new kinds of attacks mean more patches in your future. So get to upgrading.

[Intel, Skyfall]

source: by Alex Cranz


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.