Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
Fractal Design Pop Air RGB Black TG review
Palit GeForce GTX 1630 4GB Dual review
FSP Dagger Pro (850W PSU) review
Razer Leviathan V2 gaming soundbar review
Guru3D NVMe Thermal Test - the heatsink vs. performance
EnGenius ECW220S 2x2 Cloud Access Point review
Alphacool Eisbaer Aurora HPE 360 LCS cooler review
Noctua NH-D12L CPU Cooler Review
Silicon Power XPOWER XS70 1TB NVMe SSD Review
Hyte Y60 chassis review

New Downloads
Prime95 download version 30.9 build 1
Intel ARC graphics Driver Download Version: 30.0.101.1743
AMD Radeon Software Adrenalin 22.6.1 WHQL driver download
GeForce 516.59 WHQL driver download
Media Player Classic - Home Cinema v1.9.22 Download
AMD Chipset Drivers Download v4.06.10.651
CrystalDiskInfo 8.17 Download
AMD Radeon Software Adrenalin 22.6.1 Windows 7 driver download
ReShade download v5.2.2
HWiNFO Download v7.26


New Forum Topics
JIUSHARK Side-flow M.2 SSD cooler with 60mm fan cools up-to 50% Nvidia shows signs ... AMD Might Release and Add Ryzen 5 5600X3D, Ryzen 9 5900X3D (X3D) procs AMD Radeon Software - UWP EK Launches PCIe 4.0 GPU Vertical Bracket FSR Thread Review: Palit GeForce GTX 1630 4GB Dual MSI AB / RTSS development news thread AMD is planning to release Ryzen 7000 CPUs in September ASUS ROG Swift OLED PG48 UQ specs disclose 4K organic EL display compatible with 138Hz / 0.1ms.




Guru3D.com » News » New CacheOut Speculative Execution Vulnerability Hits Intel Processors

New CacheOut Speculative Execution Vulnerability Hits Intel Processors

by Hilbert Hagedoorn on: 01/28/2020 04:34 PM | source: | 75 comment(s)
New CacheOut Speculative Execution Vulnerability Hits Intel Processors

Intel is not spared when it comes to the number of vulnerabilities that keep hitting their processors. The latest one is CacheOut, a new speculative execution attack that is capable of leaking data from Intel CPUs across many security boundaries. All processors up-to-the recent Coffee lake refresh are effected.

Despite Intel's attempts to address previous generations of speculative execution attacks, CPUs are still vulnerable, allowing attackers to exploit these vulnerabilities to leak sensitive data. Unlike previous MDS issues, the researchers show in their work how an attacker can exploit the CPU's caching mechanisms to select what data to leak, as opposed to waiting for the data to be available.

They then demonstrate that CacheOut can violate nearly every hardware-based security domain, leaking data from the OS kernel, co-resident virtual machines, and even SGX enclaves. CacheOut  can bypass software fixes. Making it possible to extract data from both the kernel of the OS and from virtual machines, and also from something that Intel calls 'software guard extensions' (SGX) that normally is stored securely. 

 

 

Researchers from the University of Michigan and the University of Adelaide have found this new bug, and posted a paper on it. Read the paper. It seems that once again only Intel processors are affected including Core, Xeon and Atom models. AMD is save from this vulnerability.



New CacheOut Speculative Execution Vulnerability Hits Intel Processors




« Review: PowerColor Radeon RX 5600 XT Red Dragon · New CacheOut Speculative Execution Vulnerability Hits Intel Processors · New Battlefield V chapter based on jungle fights in the Pacific Ocean Area »

15 pages « 2 3 4 5 > »


HybOj
Senior Member



Posts: 231
Joined: 2016-03-18

#5755215 Posted on: 01/28/2020 10:57 PM
im scaried now, any hacker can stolen my save game on witcher 3


No worries mate, intel will take care of that security issue, it will just take some CPU performance from you, as always. I think thats not a problem for you, you can always buy a better intel CPU and be prepared for new issues, which will come

Gomez Addams
Senior Member



Posts: 212
Joined: 2019-04-15

#5755220 Posted on: 01/28/2020 11:23 PM
Unfortunately, disabling Intel Hyper-Threading does not cover the case where the attacker and the victim run on the same CPU thread..


There is NO case where that could happen. In addition, I have not read of any exploit where the data acquired was from the same process as the exploit. It is always left over from the context switches of other processes. I have not read that disabling HT can mitigate the attack either. It just might make it occur less frequently since fewer threads would run simultaneously when HT is disabled.

Personally, I view this is a chicken-and-egg type of problem. There will no exploits of this nature what so ever if no malicious code ever runs on your machine. That is the place to take preventative measures.

JamesSneed
Senior Member



Posts: 1466
Joined: 2017-02-14

#5755234 Posted on: 01/28/2020 11:39 PM
Here we go again. This is another case where you need to run the exploit as admin and really at that point I think you got larger issues than someone trying to mine the CPU's cache for hidden gems.

squalles
Senior Member



Posts: 917
Joined: 2003-06-10

#5755239 Posted on: 01/29/2020 12:00 AM
No worries mate, intel will take care of that security issue, it will just take some CPU performance from you, as always. I think thats not a problem for you, you can always buy a better intel CPU and be prepared for new issues, which will come

its true, maybe with more 3 or 4 security fixes and losing performance, finally amd can beat the i7 8700k

TieSKey
Senior Member



Posts: 209
Joined: 2015-09-26

#5755246 Posted on: 01/29/2020 12:33 AM
:-, post: 5755124, member: 173592"]The following specifically states that physical admin access(authenticated local access) is required;
https://blogs.intel.com/technology/2020/01/ipas-intel-sa-00329/
An attack to exploit this vulnerability can not be rendered remotely, IE through a network share or web browser.

I can do alot with all cpus/systems if i have physical admin access(authenticated local access) U better patch me :)

Here we go again. This is another case where you need to run the exploit as admin and really at that point I think you got larger issues than someone trying to mine the CPU's cache for hidden gems.

The paper literally says u DONT need privileged access (heck, the world privileged is not even used while unprivileged appears like 5+ times).
Just in case, privileged means u are the OS or an admin/root user. Unprivileged means any common user.

Intel says "requiring authenticated local access", that just means u are logged into an OS an able to run "normal" programs.

--------------

So no, a js script won't hick-jack your pc, but if u ever get some malware, it can get data from the whole system w/o having to gain admin access, which is quite difficult in itself.

The real threat is u can launch an azure/aws/google VM for 1 USD and use this attack to steal data from other VMs running on the same physical CPU.

"Attacking Virtual Machines. Another security domain we explore in this paper is the isolation of different virtual machines running on the same physical core. We show that CacheOut is effective at leaking data from both co-resident machines as well as hypervisors. Experimentally evaluating this, we are able to completely de-randomize the Address Space Layout Randomization (ASLR) used by the hypervisor, as well as recover AES keys from another VM."

15 pages « 2 3 4 5 > »


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2022