New Vulnerability hits Intel processors - Lazy FP State Restore
Click here to post a comment for New Vulnerability hits Intel processors - Lazy FP State Restore on our message forum
fantaskarsef
Another week, another Intel exploit.
BigMaMaInHouse
It's funny for us , but just imagine the *** the big server farms are going thru week after week that every time they think the patching is over- here we start again...
EPYC becoming more and more attractive for them for next upgrade lol.
cryohellinc
Not a single platform is fully secure from issues such as those. With enough time, research and testing you can find loopholes practically everywhere.
Simply this is a new public trend to follow this information, hence all of those research agencies which attempt to find a loophole, cash in on it and get some easy publicity.
Labyrinth
https://i.imgur.com/pVz3oFv.gif
asturur
Also is unclear if this problem affects AMD too.
If lazy fpu restore was good and not proprietary tech ( but a part of x86 and x64 patent ) amd has it too probably?
HardwareCaps
Man this snowball keeps rolling and rolling... these discoveries probably did more harm than good.
D3M1G0D
From what I've read, AMD is not affected.
http://seclists.org/oss-sec/2018/q2/189
[Quote] Only Intel Core based processors (from at least Nehalem onwards) are
potentially affected. Other processor designs (Intel Atom/Knights
range), and other manufacturers (AMD) are not known to be affected.
The good news is that it can be easily addressed via an OS update. Doesn't look like it will be much of an issue and performance impact will be negligible, if any (the impact will mostly on Intel's reputation).
Kaarme
Let's hope so. AMD could use the money to do some R&D.
nz3777
Jesus Somebody really has something against Intel huh? This is not good for them at all! Cant be on top 4 ever tough.
-Tj-
Idk what to think about intel anymore, so far it looks like Intel is one Big pile of...
Even worse then this swiss cheese xD
https://s6.postimg.cc/lt2cqvf3l/2018-06-14_14.26.07.png
fantaskarsef
Honestly, I'm still surprised we all didn't get hacked all the years back, you can't tell me nobody tried to exploit such a feature. I'm more thinking I need my tin foil hat again, because so many "different" security issues, flaws and exploits can't be not recognised for a decade in PC business. Somebody has to have known about it, and probably exploited it all the time.
alanm
These constant security flaws could be the best thing that happened to AMD ever.
slyphnier
even if already used all the time, until now there no "big-news" whatsoever regarding the exploit that done real-damage to people
for me personally, as long my sensitive-data not used for bad-things that can give me any loss, then no problem whatsoever
like our bank/personal data, say goverment been using the exploit to get all those information, but again for civil people, other than for verification purpose most of time, i dont think they do anything else
not like cyber-thef that use those sensitive data to get money, if this the case indeed everyone should panic.
but i mean its similar to ISP, ur isp might monitoring your usage, but they dont do anything whatsoever right? even say u are downloading tons on piracy-stuff etc.
beside now let say intel fix whole current vulnerability mess, that doesnt mean the CPU will vulnerability-free anyway.... there will always vulnerability, it just matter time before it get exposed
Perjantai
Another speculative execution vulnerability, what a surprise.. I dont know how intel is going to fix all these since it can be exploided as long speculative execution is working. They should just nuke whole speculative feature and fix it at hardware level.
BigMaMaInHouse
And the best thing is that intel got 99% of the market so AMD can watch from the side and learn and improve the product/make patches if needed before launch and offer Secure 7nm EPYC for customers 🙂.
RealNC
Hm. XSAVEOPT was introduced with Sandy Bridge. So does that mean the vulnerability affects only CPUs older than SB?
tsunami231
yep, everyone wants there day in the news. majority of public is never gone keep up with let alone patches this stuff I still have yet to do the bios patches for original issue. it will be cold day in hell before i play this update my bios every 3 weeks people need to learn to keep there mouths zipped about this stuff. and lets this stuff be slightly fixed in hw instead cause panic in the public.
Robbo9999
Like others have said, Intel really need to fix all these speculative side channel vulnerabilities in hardware - to improve security & also their reputation, but I do wonder how much performance they will have to sacrifice in their next hardware-fixed chips to make that happen. We may never know the answer to that though, because there'd be no basis for comparison when it comes to said new chips. I'm fed up with hearing about it - sure I'm gonna keep reading the news on it, but I am fed up with it, thinking do I need to patch this or do I need to patch that, what's the performance hit gonna be, etc. At the moment I use Spectre-fixed microcode on my Skylake desktop, then use InSpectre program to flip protection on or off depending on what I'm doing - gaming I switch it off, everything else I leave the protection on - just requires a reboot to make the switch. I'd rather not bother messing about with it, bring on the hardware fixes!
schmidtbag
That, and cryptocurrency miners.
Reddoguk
I'm seriously starting to think a lot of these "exploits" might of been intentional. Maybe not all of them but some of them might of been forced in there by CIA/Mossad/Mi6. So they could be used in any future wars or to gain access to top secret files when the need arises. They were always there waiting for bad actors to exploit but now the public is witch hunting any and every tiny crack until the chips themselves will be useless.
Could also be a ploy to force people on to the next secure platform. ^^
