Meltdown/Spectre and other chip-related resources

This was originally a one-off blog article relating strictly to Meltdown/Spectre-related issues: now  expanded and to be maintained (when time allows) here as a ‘live’ resource. While those vulnerability issues aren’t likely to go away immediately and apply across a wide range of platforms, I’m also adding chip/CPU/GPU info that are of interest but not directly related. However, I don’t promise any in-depth commentary: rather, links to articles and resources that might be useful. Where I can’t resist commenting at length, it will be in an article on this site, though it may be reproduced or just linked to on this page.

Index

  • News and General Resources
    • Webkit
    • PoCs (Proofs of Concept)
    • Skyfall/Solace
  • Security Company Commentary
    • ESET Resources
    • G-Data Resources
    • Checkpoint Resources
    • Trend Micro Resources
  • Affected Companies
    • Apple
    • Google/Android
    • IBM
    • Intel
    • AMD
    • Microsoft/Windows
  • ICS/SCADA

News & General resources

[23rd April 2018]

Security Explorations: THE ORIGIN AND IMPACT OF SECURITY VULNERABILITIES IN ST CHIPSETS SE-2011-01 [Security weaknesses in a digital satellite TV platform]

[17th April 2018]

Help Net Security: Rambus launches fully programmable secure processing core – “At RSA Conference 2018, Rambus announced the availability of the CryptoManager Root of Trust (CMRT), a fully programmable hardware security core built with a custom RISC-V CPU.”

The Register: Microsoft has designed an Arm Linux IoT cloud chip… – “Microsoft has designed a family of Arm-based system-on-chips for Internet-of-Things devices that runs its own flavor of Linux – and securely connects to an Azure-hosted backend.”

Paul Ducklin for Sophos: Could an Intel chip flaw put your whole computer at risk? – “Well, the spectre of CIH is back in the news following a recent security advisory, numbered INTEL-SA-00087, from chip maker Intel.”

[1st April 2018]

Webkit

Webkit.org: What Spectre and Meltdown Mean For WebKit

PoCs (Proofs of Concept)

Skyfall/Solace

Security Company Commentary

ESET resources

Wait, don’t go! This resource is not run for or by ESET, and of course lots of other security companies are providing sound information on these issues. However, as I’m on several ESET mailing lists (I work with the company as a consultant) I see a wider range of material from there than I do from other companies. If time allows, I’ll try to include vendor info from other major companies too.

G-Data resources

Inside Meltdown and Spectre: Interview with Anders Fogh

Checkpoint resources

How The Spectre/Meltdown Vulnerabilities Work

Trend Micro Resources

Trend Micro: Detecting Attacks that Exploit Meltdown and Spectre with Performance Counters
“We worked on a detection technique for attacks that exploit Meltdown and Spectre by utilizing performance counters available in Intel processors. They measure cache misses — the state where data that an application requests for processing is not found in the cache memory — that can be used to detect attacks that exploit Meltdown and Spectre.”

Affected Companies 

Apple

Google

Android

Chrome OS

IBM

The Register: IBM’s complete Meltdown fix won’t land until mid-February – POWER CPU patches available now or next week, AIX and i OS fixes are more than a month off

Intel

[21st April 2018] The Verge: Intel is offloading virus scanning to its GPUs to improve performance and battery life

[16th April 2018] Also only distantly related. Bleeping Computer: Intel SPI Flash Flaw Lets Attackers Alter or Delete BIOS/UEFI Firmware

[6th April 2018] Only distantly related, but… The Register: NUC, NUC! Who’s there? Intel, warning you to kill a buggy keyboard app – “No joke: another security SNAFU for Chipzilla, this time for a popular remote admin app” (applies to “Intel Remote Keyboard” for iOS and Android).

[4th April 2018] Simon Sharwood for The Register: Intel admits a load of its CPUs have Spectre v2 flaw that can’t be fixed – “And won’t fix Meltdown nor Spectre for 10 product families covering 230-plus CPUs”. For more specific information, see Intel’s document Microcode Revision Guidance, April 2 2018

[16th March 2018]

John Leyden waxes satirical at Intel’s expense in The Register: Intel: Our next chips won’t have data leak flaws we told you totally not to worry about – “Meltdown, Spectre-free CPUs coming this year, allegedly”

[24th January 2018]

  1. Zelkjka Zorz for Help Net Security: Intel testing new Spectre fixes, tells everyone to hold off on deploying current firmware updates

“Shortly after Red Hat stopped providing microcode to address variant 2 (branch target injection) of the Spectre attack, Intel has advised OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current firmware updates that fix the same vulnerability (CVE-2017-5715).”

  1. Intel’s own “News Byte”: Root Cause of Reboot Issue Identified; Updated Guidance for Customers and Partners

“Based on this, we are updating our guidance for customers and partners:

  • We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior. For the full list of platforms, see the Intel.com Security Center site.
  • […]
  • We continue to urge all customers to vigilantly maintain security best practice and for consumers to keep systems up-to-date.
  1. GBHackers: Intel asks customers to hold off Applying Patches for Spectre and Meltdown

“Intel told now they have identified the root cause of the reboot issue that affected Broadwell and Haswell CPUs and they are preparing a solution to address the issue and asks to hold off applying patches for Spectre and Meltdown.”

[26th January 2018]

The Register: Trebles all round! Intel celebrates record sales of insecure processors – Siri, what’s a monopoly?

[8th February 2018]

Simon Sharwood for The Register: Intel adopts Orwellian irony with call for fast Meltdown-Spectre action after slow patch delivery – For now, have some code that won’t crash Skylakes and stay close to your Telescreens.

He observes:

Sound advice, but a bit hard to swallow given that Shenoy’s “Security Issue Update” revealed that Intel is yet to develop properly working microcode updates for many of the CPUs imperilled by Spectre and Meltdown […] Chipzilla has managed to sort out sixth-generation Skylakes, as a February 7th Microcode Revision Guidance (PDF) document records.

AMD

Microsoft/Windows

[14th April 2018] Help Net Security: AMD users running Windows 10 get their Spectre fix – microcode to mitigate Spectre variant 2, and a Microsoft update for Windows 10 users.

[11th April 2018] Pierluigi Paganini: AMD released patches for Spectre Variant 2 attack that includes both microcode and operating system updates. AMD and Microsoft worked together to issue the updates on Tuesday.

[3rd April 2018] And the sad story of Microsoft’s Windows 7 patch does not yet seem to be over. Shaun Nichols for The Register: Mad March Meltdown! Microsoft’s patch for a patch for a patch may need another patch – “If at first, er, second, ah, third, no, fourth, you fail, sadly, you’re probably Redmond”

[March 31st 2018]

[March 29th 2018]

  • Security|DMA|Hacking: Total Meltdown? (Analysis of the Windows 7 Meltdown patch fiasco)

[March 28th 2018]

[March 23rd 2018]

Microsoft Technet: KVA Shadow: Mitigating Meltdown on Windows

[March 16th 2018]

Richard Chirgwin for The Register: Microsoft starts buying speculative execution exploits – “Adds bug bounty class for Meltdown and Spectre attacks on Windows and Azure”

[March 2nd 2018.]

ICS/SCADA

David Harley

Advertisements