• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 23rd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Technology News

Multiple Intel Processors Generations Hit by Serious Security Flaw

January 3rd, 2018 Waqas Security, Technology News 0 comments
Multiple Intel Processors Generations Hit by Serious Security Flaw
Share on FacebookShare on Twitter

Almost all Intel Processors Generations are impacted by the flaw while Intel CPUs are facing 30% performance hit.

A Linux kernel development site LWN has reported that there is a serious hardware bug in modern Intel CPUs due to which an attacker can access low-level kernel memory. The memory normally is protected from higher level access from programs and users. This means, almost all Intel processors developed in the last decade contain a huge security flaw that allows regular user programs such as web browser JavaScript can discern the contents and layouts of protected kernel memory spaces.

Impact

The design flaw would eventually allow malicious programs to access protected areas of kernel memory, which basically is the home of all the essential core components of an OS and its interactions with the hardware. What’s even more disturbing is the fact that this flaw can expose sensitive, protected information like passwords. The flaw is present in the Intel x86-64 hardware and requires an OS-level overwrite on every mainstream OS being patched.

The report, published in The Register, states that the bug may lead to grave consequences if OS kernel patches are not released for Windows, Linux and OS X. It must be noted that multiple generations of Intel CPUs are affected by this flaw.

More: Hidden Kill Switch Identified in Controversial Intel ME controller chip

However, the fixes would lead to affecting the performance of CPUs as these would become slower than usual so there are chances that your gaming experience on PC would be affected slightly but not entirely. As identified by researchers, “5 to 30 percent slowdown, depending on the task and processor model” is expected to hit CPUs due to the flaw.

How

Dubbed “Meltdown” and “Spectre,” the attack method involves identifying virtual memory pages in certain sequences in order to reveal memory locations where protected kernel space is present. Since this is a hardware bug, therefore, it is difficult to fix it unless Intel issues a fix in the next generation of CPUs.

As of now, the exact details of the design flaw and the extent to which it makes users vulnerable are kept hidden but it is evident that developers are in a rush to release patches, which hints upon the gravity of the situation.

In its Monday blog, the Python Sweetness wrote: “Urgent development of a software mitigation is being done in the open and recently landed in the Linux kernel and a similar mitigation began appearing in NT kernels in November. In the worst case, the software fix causes huge slowdowns in typical workloads … There are hints the attack impacts common virtualization environments including Amazon EC2 and Google Compute Engine.”

A short-term fix would be from the OSes, that is, operating systems can apply a kernel Page Table Isolation (PTI) to hide kernel memory addresses. This will force the processor to continually flush its caches holding TLBs.

A PMTS software engineer at AMD, Thomas Lendacky, stated that AMD CPUs are not affected by this bug and that the PTI patch will not be enabled on them because its memory controller doesn’t allow the same memory references that let fewer privileges calls to access high privilege information.

More: Intel’ Management Engine Tech Just Got Exposed Through USB Ports

  • Tags
  • Bug
  • CPU
  • Flaw
  • gaming
  • Intel
  • Linux
  • Privacy
  • security
  • Technology
  • Vulnerability
  • Windows
Facebook Twitter LinkedIn Pinterest
Previous article Code for Satori malware posted on Pastebin
Next article Security Flaws in GPS Trackers Puts Millions of Devices' Data at Risk
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Hacked Android phones mimicked connected TV products for fake ad views

Hacked Android phones mimicked connected TV products for fake ad views

Signal CEO hacks Cellebrite cellphone hacking, cracking tool

Signal CEO hacks Cellebrite cellphone hacking, cracking tool

Play Store apps plagued with malware have 700,000 downloads

Play Store apps plagued with malware have 700,000 downloads

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Hacked Android phones mimicked connected TV products for fake ad views
Cyber Crime

Hacked Android phones mimicked connected TV products for fake ad views

Signal CEO hacks Cellebrite cellphone hacking, cracking tool
Hacking News

Signal CEO hacks Cellebrite cellphone hacking, cracking tool

Play Store apps plagued with malware have 700,000 downloads
Security

Play Store apps plagued with malware have 700,000 downloads

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us