New Spectre-style Intel chip flaw can leak user data, but only in Windows

Posted:
in General Discussion
PC users and those who are running Windows on a Mac may want to take a moment to update their operating systems, as a new flaw in Intel and ARM chips has been exposed.

Spectre-style flaw can leak data on systems running Windows


Similar to the Spectre and Meltdown chip flaws of last year, this latest flaw also uncovered an exploit involved in speculative execution.

Speculative execution is a microprocessing shortcut that has existed for the better part of two decades. CPU tasks are often repetitive and can be predicted, and chip designers can offer faster speeds by anticipating these tasks and executing them before they're actually received.

This created a problem, however, when it was discovered that these tasks can be exploited by hackers and leak data such as passwords, tokens, and encryption keys.

According to Tom's Guide, this information was divulged by Bitdefender researchers on Tuesday at the annual Black Hat security conference.

The flaw affects a system instruction in 64-bit Windows called SWAPGS, which can be executed speculatively in user mode. When manipulated, attackers can utilize the exploit to intercept sensitive data that is meant to be contained within individual applications. The flaw also allows an attacker to bypass former methods of Spectre and Meltdown exploits by bypassing the kernel page table isolation.

The flaw had been discovered by Bitdefender a full year ago. It had been dismissed by Intel until a proof-of-concept was provided, showing how the flaw could be exploited.

"Every machine using newer Intel processors which leverage speculative execution and [run] Windows is affected, including servers and laptops," Bitdefender said in a press release.

Microsoft had released a patch that fixed this latest flaw in July. However, it has still failed to alert the public to the seriousness of the situation. Users running Windows in any fashion, even virtualized, are advised to download and install Microsoft's July Patch to prevent sensitive information from being leaked.

Comments

  • Reply 1 of 13
    tbstephtbsteph Posts: 95member
    Intel or Boeing? Who has fallen the farthest the fastest?
    watto_cobra
  • Reply 2 of 13
    blastdoorblastdoor Posts: 3,558member
    tbsteph said:
    Intel or Boeing? Who has fallen the farthest the fastest?
    Not even close -- it's Boeing. Boeing's planes are broken by design, not by malicious hackers attempting to break them. 


    llamaStrangeDayswatto_cobrajony0
  • Reply 3 of 13
    blastdoorblastdoor Posts: 3,558member
    I'm much less confident now that Apple will make their own ARM chips for Macs, but they would be doing a public service if they did. 

    The more heterogenous the hardware and software landscape, the more difficult (ie, expensive) it is for bad actors to launch attacks on large numbers of people. 


    watto_cobra
  • Reply 4 of 13
    I believe Linux suffers from this vulnerability, although it’s more difficult to pull off than on Windows.   If that’s true, you your title might be improved by saying “...,but not in MacOS” rather than “...,Only in Windows.” If you have a good article on why this doesn’t affect MacOS, please let me know. 
    watto_cobra
  • Reply 5 of 13
    Mike WuertheleMike Wuerthele Posts: 6,922administrator
    leetncamp said:
    I believe Linux suffers from this vulnerability, although it’s more difficult to pull off than on Windows.   If that’s true, you your title might be improved by saying “...,but not in MacOS” rather than “...,Only in Windows.” If you have a good article on why this doesn’t affect MacOS, please let me know. 
    Given that the exploit developers said only Windows, we're pretty comfortable with what we're saying.
    leetncampwatto_cobra
  • Reply 6 of 13
    JWSCJWSC Posts: 1,203member
    blastdoor said:
    tbsteph said:
    Intel or Boeing? Who has fallen the farthest the fastest?
    Not even close -- it's Boeing. Boeing's planes are broken by design, not by malicious hackers attempting to break them. 


    I know this contradicts everything the know-nothing media regurgitates, but the 737 Max is not flawed or broken by design as you say.  It is a perfectly good aircraft and I would happily fly on it myself with pilots trained to handle its particular attributes.

    Boeing’s sin is that they did not inform the airlines of the autopilot changes that were made to handle the center of gravity shift with the larger engines, and also that Boeing charged extra for training and other services related to this change.  Boeing should be hammered for that and they will pay dearly for their lethal mistakes.

    But the widely circulated claim that the 737 Max is a bad design is 100% total B.S.

  • Reply 7 of 13
    davgregdavgreg Posts: 1,046member
    The University of Michigan has a chip architecture called MORPHEUS that randomizes code 20x per second. Maybe Apple should invest and develop along that line. 


    edited August 2019
  • Reply 8 of 13
    TonKTonK Posts: 1member
    JWSC said:

    But the widely circulated claim that the 737 Max is a bad design is 100% total B.S.

    I disagree. Even ‘simple’ failsafe consumer products  (water heaters, microwave etc.) is required to not have a single source of failure leading to a dangerous situation.

    The single 737 sensor error is a sleeping fault (goes undetected) that leads to the plane misbehaving into nosediving to the ground and nothing to help it to not do that except for a trained pilot.

    Making reduncy in a safety relevant system a purchasable option is a bad design. (And could even be regarded criminal in a court of law) 
    StrangeDays
  • Reply 9 of 13
    davgreg said:
    The University of Michigan has a chip architecture called MORPHEUS that randomizes code 20x per second. Maybe Apple should invest and develop along that line. 


    That would be awesome if Apple could just hire them and get this implemented.
  • Reply 10 of 13
    leetncamp said:
    I believe Linux suffers from this vulnerability, although it’s more difficult to pull off than on Windows.   If that’s true, you your title might be improved by saying “...,but not in MacOS” rather than “...,Only in Windows.” If you have a good article on why this doesn’t affect MacOS, please let me know. 
    Given that the exploit developers said only Windows, we're pretty comfortable with what we're saying.
    The article you cited says that the vulnerability exists in Linux too (though they don't have a proof-of-concept exploit yet and it is "less serious"). I haven't read their paper, but I would NOT be comfortable with saying that MacOS is immune. I wouldn't want to bet one way or another, actually. Who knows if the BitDefender guys are sufficiently expert in MacOS? Or if they had the time to look at that?

    It's still way too early to be making blanket pronouncements.

    FileMakerFeller
  • Reply 11 of 13
    StrangeDaysStrangeDays Posts: 13,083member
    JWSC said:
    blastdoor said:
    tbsteph said:
    Intel or Boeing? Who has fallen the farthest the fastest?
    Not even close -- it's Boeing. Boeing's planes are broken by design, not by malicious hackers attempting to break them. 


    I know this contradicts everything the know-nothing media regurgitates, but the 737 Max is not flawed or broken by design as you say.  It is a perfectly good aircraft and I would happily fly on it myself with pilots trained to handle its particular attributes.

    Boeing’s sin is that they did not inform the airlines of the autopilot changes that were made to handle the center of gravity shift with the larger engines, and also that Boeing charged extra for training and other services related to this change.  Boeing should be hammered for that and they will pay dearly for their lethal mistakes.

    But the widely circulated claim that the 737 Max is a bad design is 100% total B.S.

    You may want to rethink that as it’s not just “the media!” but actual pilots and SMEs who have weighed in on the engineering decisions. I’ve read articles critical of the changes where the critics suggested these are poor shortcuts aimed at stretching full economy.

    If the plane wasn’t dangerous it wouldn’t be grounded by the FAA. If it really only has one sensor and the AP acts on it alone in a dramatic fashion, that’s a design problem. 
    edited August 2019 FileMakerFeller
  • Reply 12 of 13
    davgreg said:
    The University of Michigan has a chip architecture called MORPHEUS that randomizes code 20x per second. Maybe Apple should invest and develop along that line. 
    The story says that it's a variable rate of churn and they chose the 50ms rate because the processor hit is only ~1%. Pretty awesome, if true.
Sign In or Register to comment.