This is a new attack allowing encryption keys and other sensitive info to be stolen by another process running on the same processor. Apparently there is a microcode update available from Intel. I...
This is a new attack allowing encryption keys and other sensitive info to be stolen by another process running on the same processor. Apparently there is a microcode update available from Intel.
I don’t envy them as this is just brutal. Affects a ton of Intel cpus, pain in the as to detect, has a patch that might butcher performance. Ugh. And it’s a major compromise
I don’t envy them as this is just brutal. Affects a ton of Intel cpus, pain in the as to detect, has a patch that might butcher performance. Ugh.
Between this and zenbleed, it seems like this sort of “leaked data between processes on the same core” vulnerability is picking up steam. Wonder if were going to see a whole class of them like Spectre
Between this and zenbleed, it seems like this sort of “leaked data between processes on the same core” vulnerability is picking up steam. Wonder if were going to see a whole class of them like Spectre
Specifically, microcode is a firmware update, but it's a type of firmware that's shipped with the OS and loaded during boot. You don't need to manually update it separately from the OS.
Specifically, microcode is a firmware update, but it's a type of firmware that's shipped with the OS and loaded during boot. You don't need to manually update it separately from the OS.
This is a new attack allowing encryption keys and other sensitive info to be stolen by another process running on the same processor. Apparently there is a microcode update available from Intel.
I expect sysadmins are going to busy for a while?
I don’t envy them as this is just brutal. Affects a ton of Intel cpus, pain in the as to detect, has a patch that might butcher performance. Ugh.
And it’s a major compromise
It's highly unlikely to butcher the performance of any useful applications.
AWS says they're not affected.
I'm not sure about other cloud services.
Between this and zenbleed, it seems like this sort of “leaked data between processes on the same core” vulnerability is picking up steam. Wonder if were going to see a whole class of them like Spectre
Huh, I really didn’t put together in my mind that zenbleed was really just another speculative execution bug like Spectre, but you’re totally right.
Pardon my ignorance, but what would be the process for applying this sort of patch to my personal machine?
I don't know. There is a git repo but practically speaking, maybe wait until there's an software update for whatever OS you're running?
Ah yes the practical solution was my interest. I wasn't sure if this sort of thing comes as an OS update or firmware update. Thanks!
Specifically, microcode is a firmware update, but it's a type of firmware that's shipped with the OS and loaded during boot. You don't need to manually update it separately from the OS.