EVGA

ASUS Provides BIOS updates addressing MDS vulnerabilities, ZombieLoad, RIDL, and Fallout

Author
rjohnson11
EVGA Forum Moderator
  • Total Posts : 73400
  • Reward points : 0
  • Joined: 2004/10/05 12:44:35
  • Location: Europe
  • Status: online
  • Ribbons : 68
2019/05/24 23:51:27 (permalink)
https://www.vortez.net/news_story/asus_releases_bios_update_to_address_zombieloadridland_fallout.html
 
ASUS is aware that a new sub-class of speculative execution side-channel vulnerabilities in Intel CPUs, called Microarchitectural Data Sampling (MDS), also known as ZombieLoad, RIDL, and Fallout, may allow information disclosure. Intel states that selected 8th and 9th Generation Intel Core processors, as well as the 2nd Generation Intel Xeon Scalable processor family, are not vulnerable to MDS. If you are using one of these processors, no further action is necessary. 
 
For other Intel processors, ASUS is working closely with Intel to provide a solution in a forthcoming BIOS update. 

Specs: AMD 2920X Threadripper, Corsair MP510 M.2, 64GB Corsair RGB Dominator,  ASRock X399 Taichi, Corsair 1000D, EVGA RTX 2080ti Black

Associate Code: H5U80QBH6BH0AXF



#1

4 Replies Related Threads

    Cool GTX
    EVGA Forum Moderator
    • Total Posts : 16831
    • Reward points : 0
    • Joined: 2010/12/12 14:22:25
    • Location: Folding for the Greater Good
    • Status: offline
    • Ribbons : 112
    Re: ASUS Provides BIOS updates addressing MDS vulnerabilities, ZombieLoad, RIDL, and Fallo 2019/05/25 00:17:21 (permalink)
    Good

    RTX Project EVGA X99 FTWK-5930K,EVGA2080Ti EVGA-1200P2  Nibbler EVGA X99 3-GPU Water Loop 1600P2  AIO Folding  1080Ti FTW3 Hybrid, 1200P

    Thank You for Your Support






    #2
    Nereus
    Omnipotent Enthusiast
    • Total Posts : 10787
    • Reward points : 0
    • Joined: 2009/04/09 20:05:53
    • Location: Brooklyn, NYC.
    • Status: offline
    • Ribbons : 34
    Re: ASUS Provides BIOS updates addressing MDS vulnerabilities, ZombieLoad, RIDL, and Fallo 2019/05/26 19:13:09 (permalink)
     
    Attackers need local execution first - attackers can only mount attacks in practical settings once they have the ability to execute (unprivileged) code on the victim machine. We could convince ourselves this is still an obstacle, but we should first be prepared to disable JavaScript (and similar) in the browser, abandon cloud computing, etc. - https://mdsattacks.com/
     
    FYI, type "wmic cpu get caption" in Windows Command Prompt to get CPU family, model & stepping.
     

    ASSOCIATE CODE : CSKKXUT5Q9GVAFR (5-10% off EVGA.com purchases)   |   AFFILIATE/REWARDS CODE : E64DMBSMI6 (EVGA product registration)
      HEATWARE   |   MODSRIGS $1K WIN   |   BUILD 

    #3
    ty_ger07
    Insert Custom Title Here
    • Total Posts : 15345
    • Reward points : 0
    • Joined: 2008/04/10 23:48:15
    • Location: global traveler
    • Status: online
    • Ribbons : 147
    Re: ASUS Provides BIOS updates addressing MDS vulnerabilities, ZombieLoad, RIDL, and Fallo 2019/05/26 20:12:29 (permalink)
    NereusWe could convince ourselves this is still an obstacle, but we should first be prepared to disable JavaScript (and similar) in the browser...

    Our experience is heavily controlled by JavaScript.  Many sites stop working without JavaScript.  JavaScript has become a cornerstone of our internet experience.  Right now we are seeing content which was provided to us by JavaScript.
     
    No one should ever confuse JavaScript with Java.
     
    Usually mitigation is put in place inside of the JavaScript framework for known vulnerabilities, but ultimately you can't expect a framework to be aware of, detect, and prevent all attacks.  JavaScript is an immensely universal, often simple, but ultimately an enormously powerful and capable attack vector.
     
    With these Intel speculative attacks, over and over people have repeated how safe they feel, how impossible it is to exploit the speculative attacks, and mostly they over and over talked about needing physical access to the machine.  Over and over I have pointed out that JavaScript has time and time again proven to be a capable attack vector.  All you have to do is have an unpatched machine/browser/JavaScript framework, spend enough time on a compromised multimedia streaming website or stock/news ticker site, and that's it!  Since JavaScript operates "client side" there is not necessarily any detectable suspicious network activity prior to the JavaScript finding whatever it is programmed to find and sending it back to mother.  Unmitigated, the speculative attacks give the attacker access to absolutely anything in memory regardless of any previously-existing attempts to prevent it.  Sandboxing did nothing.  Antivirus did nothing.  Restricting memory addresses did nothing.  Kernel protections did nothing.  "Physical access" is a hugely misleading term.
    post edited by ty_ger07 - 2019/05/26 20:27:03

    ASRock Z77 • Intel Core i7 3770K • EVGA GTX 1080 • Samsung 850 Pro • Corsair AX1200
     
    Disclaimer: I own shares of AMD, Intel, and NVIDIA stock.
    #4
    Nereus
    Omnipotent Enthusiast
    • Total Posts : 10787
    • Reward points : 0
    • Joined: 2009/04/09 20:05:53
    • Location: Brooklyn, NYC.
    • Status: offline
    • Ribbons : 34
    Re: ASUS Provides BIOS updates addressing MDS vulnerabilities, ZombieLoad, RIDL, and Fallo 2019/05/26 22:06:08 (permalink)
    ty_ger07
    NereusWe could convince ourselves this is still an obstacle, but we should first be prepared to disable JavaScript (and similar) in the browser...

    Our experience is heavily controlled by JavaScript.  Many sites stop working without JavaScript.  JavaScript has become a cornerstone of our internet experience.  Right now we are seeing content which was provided to us by JavaScript.
     
    No one should ever confuse JavaScript with Java.
     
    Usually mitigation is put in place inside of the JavaScript framework for known vulnerabilities, but ultimately you can't expect a framework to be aware of, detect, and prevent all attacks.  JavaScript is an immensely universal, often simple, but ultimately an enormously powerful and capable attack vector.
     
    With these Intel speculative attacks, over and over people have repeated how safe they feel, how impossible it is to exploit the speculative attacks, and mostly they over and over talked about needing physical access to the machine.  Over and over I have pointed out that JavaScript has time and time again proven to be a capable attack vector.  All you have to do is have an unpatched machine/browser/JavaScript framework, spend enough time on a compromised multimedia streaming website or stock/news ticker site, and that's it!  Since JavaScript operates "client side" there is not necessarily any detectable suspicious network activity prior to the JavaScript finding whatever it is programmed to find and sending it back to mother.  Unmitigated, the speculative attacks give the attacker access to absolutely anything in memory regardless of any previously-existing attempts to prevent it.  Sandboxing did nothing.  Antivirus did nothing.  Restricting memory addresses did nothing.  Kernel protections did nothing.  "Physical access" is a hugely misleading term.


    Yup. I'm just repeating what came from that site. It's impractical. Sounds like Intel damage control. Pretty scary stuff. Even some of the 8th and 9th Generation Intel Core processors are vulnerable, despite Intel assuring they are not earlier. Even turning off HT doesn't 'fix' it, although it (allegedly) does reduce the risk.
     
     
     

    ASSOCIATE CODE : CSKKXUT5Q9GVAFR (5-10% off EVGA.com purchases)   |   AFFILIATE/REWARDS CODE : E64DMBSMI6 (EVGA product registration)
      HEATWARE   |   MODSRIGS $1K WIN   |   BUILD 

    #5
    Jump to:
  • Back to Mobile