rjohnson11
EVGA Forum Moderator
- Total Posts : 102323
- Reward points : 0
- Joined: 2004/10/05 12:44:35
- Location: Netherlands
- Status: offline
- Ribbons : 84
https://www.vortez.net/news_story/asus_releases_bios_update_to_address_zombieloadridland_fallout.html ASUS is aware that a new sub-class of speculative execution side-channel vulnerabilities in Intel CPUs, called Microarchitectural Data Sampling (MDS), also known as ZombieLoad, RIDL, and Fallout, may allow information disclosure. Intel states that selected 8th and 9th Generation Intel Core processors, as well as the 2nd Generation Intel Xeon Scalable processor family, are not vulnerable to MDS. If you are using one of these processors, no further action is necessary. For other Intel processors, ASUS is working closely with Intel to provide a solution in a forthcoming BIOS update.
|
Cool GTX
EVGA Forum Moderator
- Total Posts : 31005
- Reward points : 0
- Joined: 2010/12/12 14:22:25
- Location: Folding for the Greater Good
- Status: offline
- Ribbons : 122
Re: ASUS Provides BIOS updates addressing MDS vulnerabilities, ZombieLoad, RIDL, and Fallo
2019/05/25 00:17:21
(permalink)
Good
|
Nereus
Captain Goodvibes
- Total Posts : 18926
- Reward points : 0
- Joined: 2009/04/09 20:05:53
- Location: Brooklyn, NYC.
- Status: offline
- Ribbons : 58
Re: ASUS Provides BIOS updates addressing MDS vulnerabilities, ZombieLoad, RIDL, and Fallo
2019/05/26 19:13:09
(permalink)
Attackers need local execution first - attackers can only mount attacks in practical settings once they have the ability to execute (unprivileged) code on the victim machine. We could convince ourselves this is still an obstacle, but we should first be prepared to disable JavaScript (and similar) in the browser, abandon cloud computing, etc. - https://mdsattacks.com/ FYI, type "wmic cpu get caption" in Windows Command Prompt to get CPU family, model & stepping.
|
ty_ger07
Insert Custom Title Here
- Total Posts : 21174
- Reward points : 0
- Joined: 2008/04/10 23:48:15
- Location: traveler
- Status: offline
- Ribbons : 270
Re: ASUS Provides BIOS updates addressing MDS vulnerabilities, ZombieLoad, RIDL, and Fallo
2019/05/26 20:12:29
(permalink)
NereusWe could convince ourselves this is still an obstacle, but we should first be prepared to disable JavaScript (and similar) in the browser...
Our experience is heavily controlled by JavaScript. Many sites stop working without JavaScript. JavaScript has become a cornerstone of our internet experience. Right now we are seeing content which was provided to us by JavaScript. No one should ever confuse JavaScript with Java. Usually mitigation is put in place inside of the JavaScript framework for known vulnerabilities, but ultimately you can't expect a framework to be aware of, detect, and prevent all attacks. JavaScript is an immensely universal, often simple, but ultimately an enormously powerful and capable attack vector. With these Intel speculative attacks, over and over people have repeated how safe they feel, how impossible it is to exploit the speculative attacks, and mostly they over and over talked about needing physical access to the machine. Over and over I have pointed out that JavaScript has time and time again proven to be a capable attack vector. All you have to do is have an unpatched machine/browser/JavaScript framework, spend enough time on a compromised multimedia streaming website or stock/news ticker site, and that's it! Since JavaScript operates "client side" there is not necessarily any detectable suspicious network activity prior to the JavaScript finding whatever it is programmed to find and sending it back to mother. Unmitigated, the speculative attacks give the attacker access to absolutely anything in memory regardless of any previously-existing attempts to prevent it. Sandboxing did nothing. Antivirus did nothing. Restricting memory addresses did nothing. Kernel protections did nothing. "Physical access" is a hugely misleading term.
post edited by ty_ger07 - 2019/05/26 20:27:03
ASRock Z77 • Intel Core i7 3770K • EVGA GTX 1080 • Samsung 850 Pro • Seasonic PRIME 600W Titanium My EVGA Score: 1546 • Zero Associates Points • I don't shill
|
Nereus
Captain Goodvibes
- Total Posts : 18926
- Reward points : 0
- Joined: 2009/04/09 20:05:53
- Location: Brooklyn, NYC.
- Status: offline
- Ribbons : 58
Re: ASUS Provides BIOS updates addressing MDS vulnerabilities, ZombieLoad, RIDL, and Fallo
2019/05/26 22:06:08
(permalink)
ty_ger07
NereusWe could convince ourselves this is still an obstacle, but we should first be prepared to disable JavaScript (and similar) in the browser...
Our experience is heavily controlled by JavaScript. Many sites stop working without JavaScript. JavaScript has become a cornerstone of our internet experience. Right now we are seeing content which was provided to us by JavaScript. No one should ever confuse JavaScript with Java. Usually mitigation is put in place inside of the JavaScript framework for known vulnerabilities, but ultimately you can't expect a framework to be aware of, detect, and prevent all attacks. JavaScript is an immensely universal, often simple, but ultimately an enormously powerful and capable attack vector. With these Intel speculative attacks, over and over people have repeated how safe they feel, how impossible it is to exploit the speculative attacks, and mostly they over and over talked about needing physical access to the machine. Over and over I have pointed out that JavaScript has time and time again proven to be a capable attack vector. All you have to do is have an unpatched machine/browser/JavaScript framework, spend enough time on a compromised multimedia streaming website or stock/news ticker site, and that's it! Since JavaScript operates "client side" there is not necessarily any detectable suspicious network activity prior to the JavaScript finding whatever it is programmed to find and sending it back to mother. Unmitigated, the speculative attacks give the attacker access to absolutely anything in memory regardless of any previously-existing attempts to prevent it. Sandboxing did nothing. Antivirus did nothing. Restricting memory addresses did nothing. Kernel protections did nothing. "Physical access" is a hugely misleading term.
Yup. I'm just repeating what came from that site. It's impractical. Sounds like Intel damage control. Pretty scary stuff. Even some of the 8th and 9th Generation Intel Core processors are vulnerable, despite Intel assuring they are not earlier. Even turning off HT doesn't 'fix' it, although it (allegedly) does reduce the risk.
|