List of MDS Speculative Execution Vulnerability Advisories & Updates

I

Ink

Administrator
Thread author
Verified
Jan 8, 2011
22,490
Content source
https://www.bleepingcomputer.com/news/security/list-of-mds-speculative-execution-vulnerability-advisories-and-updates/
"Multiple security researchers have released details about a new class of speculative attacks against all modern Intel processors. The attacks are different from and more dangerous than Meltdown, Spectre and their variations because they can leak data from CPU buffers, which is not necessarily present in caches.

Two attacks dubbed RIDL and Fallout exploit a set of four vulnerabilities collectively known as Microarchitectural Data Sampling (MDS) vulnerabilities - a name given by Intel. The flaws affect Intel CPUs released since 2008, the researchers say."

More details: New RIDL and Fallout Attacks Impact All Modern Intel CPUs

Advisories:
Exploit Demo & FAQ [Am I Affected?]
 
  • Like
Reactions: ZeroDay, CyberTech, LASER_oneXM and 4 others
LASER_oneXM

LASER_oneXM

Level 37
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Four new vulnerabilities have been discovered in Intel processors that can be exploited via speculative execution side-channel attacks called RIDL, Fallout, and ZombieLoad.

These vulnerabilities allow attackers to steal passwords, cryptographic keys, or any other type of data to be loaded or stored in the memory of the CPU buffers.
The vulnerabilities are being categorized as Microarchitectural Data Sampling (MDS) speculative execution vulnerabilities and are associated with the four uniquely identifiable CVEs below:
  • CVE-2018-12126 - Microarchitectural Store Buffer Data Sampling (MSBDS)
  • CVE-2018-12130 - Microarchitectural Fill Buffer Data Sampling (MFBDS)
  • CVE-2018-12127 - Microarchitectural Load Port Data Sampling (MLPDS)
  • CVE-2019-11091 - Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
For more information on how these vulnerabilities work, who discovered them, and how you can test if you are vulnerable, you can read our New RIDL and Fallout Attacks Impact All Modern Intel CPUs article.

Researchers have also setup dedicated pages about these attacks, which are listed below:
To aid those who are concerned about the vulnerabilities, we have compiled the known vendor advisories and available updates below.

It is important to remember, that the current solutions are mitigations only and do not completely fix the vulnerabilities. To fully resolve these vulnerabilities, all vendors state that you would need to disable hyper-threading, which would have a performance impact on your computer.

If you are a vendor with a advisory or notice or a user who know of one that we are missing, please contact us to have your information added.

Last Updated: 05/14/19 18:56 EST
Click to expand...
 
  • Like
  • +Reputation
Reactions: ZeroDay, upnorth, Gandalf_The_Grey and 2 others
silversurfer

silversurfer

Super Moderator
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,093
Intel MDS Vulnerabilities: What You Need to Know | SecurityWeek.Com
Intel says its newer products, such as some 8th and 9th generation Core processors and 2nd generation Xeon Scalable processors, address these vulnerabilities at hardware level. Some of the other affected products have received or will receive microcode updates that should mitigate the flaws. The company has published a technical deep dive and a list that users can check to see if their processors will receive microcode updates.

Intel says the mitigations should have minimal performance impact for a majority of PCs, but performance may be impacted in the case of data center workloads.
Disabling hyper-threading on vulnerable CPUs should prevent exploitation of the vulnerabilities.
Click to expand...
 
  • Like
Reactions: ZeroDay, Gandalf_The_Grey, LASER_oneXM and 1 other person
LASER_oneXM

LASER_oneXM

Level 37
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Google disclosed a local proximity vulnerability impacting Bluetooth Low Energy (BLE) Titan Security Keys sold in the U.S. stemming from a "misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols."

According to the BLE Titan Security Key store page, "Titan Security Keys help prevent phishing and keep out anyone who shouldn’t have access to your online accounts. Security keys are the same level of security used internally at Google."

Google Cloud Product Manager Christiaan Brand says in the vulnerability announcement that non-Bluetooth security keys — such as USB or NFC — are not affected by the software flaw.
As the company states, potential attackers who manage to get within Bluetooth range — roughly 30 feet — while the security key is used can communicate with both the security key and the device to which it is paired.

Google also announced that for the pairing protocol misconfiguration to be abused, would-be attackers would have to very accurately his actions with a series of events:
... ...
Click to expand...

www.zdnet.com

MDS 'Zombieload' attacks against Intel CPUs: What's your patch status?

Where to get updates for Zombieland, RIDL, Fallout, and all the new Intel MDS vulnerabilities.
www.zdnet.com www.zdnet.com
Where to get updates for Zombieland, RIDL, Fallout, and all the new Intel MDS vulnerabilities.
...
...
...
Below is a summary of all the fixes currently available for today's MDS attacks, along with support pages describing additional mitigation techniques.

Intel
In a security advisory, Intel said today that it released updated Intel microcode updates to device and motherboard vendors.

When would these microcode updates end up on users' computers, it's anybody's guess. If we're to learn anything from the Meltdown and Spectre patching process, the answer is probably never, and Microsoft will eventually have to step in and deliver Intel's microcode updates part of the Windows Update process, just like it did for Meltdown and Spectre last year.

In the meantime, Intel has published a list of impacted Intel processors, complete with in-depth details about the status of available microcode updates for each CPU model.

Microsoft
Until the Intel microcode updates reach users' computers, Microsoft has published OS-level updates to address the four MDS vulnerabilities.
...
...
Click to expand...
 
  • Like
Reactions: ZeroDay, Gandalf_The_Grey, CyberTech and 2 others
LASER_oneXM

LASER_oneXM

Level 37
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
www.techradar.com

How to protect your devices against the ZombieLoad attack

Make sure you're safe
www.techradar.com www.techradar.com

... ...
How can I tell if I am affected by the ZombieLoad flaw?
Unfortunately, there's currently no easy way to tell if you're affected by the ZombieLoad flaw. Also, antivirus software and internet security suites won't identify the flaw.

However, if you use a device that runs on an Intel processor that you bought after 2011, it's very likely that you are vulnerable to ZombieLoad.

This means PCs, Macs and Intel-based tablets are all vulnerable. It's safest to assume at this point that you are vulnerable to ZombieLoad unless you exclusively use devices that run on AMD or ARM processors.

Before you begin to panic, it's worth noting that while it's likely you're using hardware that's vulnerable to ZombieLoad attacks, that doesn't mean you've been targeted. There isn't any evidence out there that ZombieLoad has been used to attack devices yet – however it does mean you want to make sure your devices are all updated to be protected against ZombieLoad as soon as possible.
... ...
Click to expand...
 
  • Like
Reactions: ZeroDay, harlan4096 and CyberTech
LASER_oneXM

LASER_oneXM

Level 37
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Microsoft Secretly Fixed a New Speculative Vulnerability in Intel CPUs

www.bleepingcomputer.com

Microsoft Secretly Fixed a New Speculative Vulnerability in Intel CPUs

During the July 2019 Patch Tuesday security updates, Microsoft secretly patched a new variant of the Spectre 1 speculative execution side channel vulnerabilities that allowed information disclosure in Windows.
www.bleepingcomputer.com www.bleepingcomputer.com

During the July 2019 Patch Tuesday security updates, Microsoft secretly patched a new variant of the Spectre 1 speculative execution side channel vulnerabilities that allowed information disclosure in Windows.

This vulnerability was given CVE ID CVE-2019-1125 and a title of "Windows Kernel Information Disclosure Vulnerability". Microsoft states that they held back on documenting the vulnerability until today as part of a coordinated industry disclosure.

According to Microsoft, Andrei Vlad Lutas of Bitdefender discovered this new vulnerability in some Intel CPUs that would allow malicious user mode programs to access and read the contents of the Windows Kernel memory.
Click to expand...
 
  • Like
  • Applause
Reactions: silversurfer, ZeroDay, upnorth and 3 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
Security News Intel, AMD CPUs on Linux impacted by newly disclosed Spectre bypass
Replies
2
Views
1,666
Security News
SeriousHoax
SeriousHoax
CyberTech
    • Like
Security News Intel Sued Over ‘Downfall’ CPU Vulnerability
Replies
0
Views
1,476
Security News
CyberTech
CyberTech
silversurfer
    • Like
    • Wow
    • Sad
Patches for new Retbleed AMD and Intel microprocessor vulnerability may have significant overhead
Replies
4
Views
1,164
News Archive
silversurfer
silversurfer

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top