New vulnerabilities discovered in both Intel and AMD CPUs
#1
Reported March 6:



Researchers discover that Intel chips built over the last five years have an unfixable security flaw



Security researchers have discovered another flaw in recent Intel chips that, while difficult to exploit, is completely unpatchable. The vulnerability is within Intel's Converged Security and Management Engine (CSME), a part of the chip that controls system boot-up, power levels, firmware and, most critically, cryptographic functions. Security specialists Positive Technologies have found that a tiny gap in security in that module that could allow attackers to inject malicious code and, eventually, commandeer your PC.

The vulnerability is another in a string of Intel chip flaws that have damaged the chipmaker's reputation of late. In 2018, Intel faced heavy criticism over the Meltdown and Spectre flaws in Intel chips that could have allowed attackers to steal data.

CSME, which has its own 486-based CPU, RAM and boot ROM, is the first thing that runs when you boot up your computer. One of the first things it does is protect its own memory, but before that happens, there's a brief moment when it's vulnerable. If hackers have local or physical access to a machine, they might be able to fire off a DMA transfer to that RAM, overwriting it and hijacking code execution.

Since the boot code and RAM are hard coded into Intel's CPUs, they can't be patched or reset without replacing the silicon. That makes it impossible for Intel or computer makers to mitigate, let alone completely fix, the vulnerability.

The CSME's security functions allow the operating system and apps to securely store file encryption keys using a master "chipset key." If an attacker could access that key by executing malicious code, they could gain access to core parts of the operating system along with apps, and potentially do serious damage.

Quote:"This [chipset] key is not platform-specific. A single key is used for an entire generation of Intel chipsets," explains Mark Ermolov from Positive Technologies. "And since... the ROM vulnerability cannot be fixed, we believe that extracting this key is only a matter of time. When this happens, utter chaos will reign. Hardware IDs will be forged, digital content will be extracted, and data from encrypted hard disks will be decrypted."


That sounds dramatic, but exploiting the vulnerability would require major technological know-how, specialized equipment and physical access to a machine. Once hackers were inside a system, though, they could feasibly gain persistent remote access.

The vulnerability applies to machines with Intel chips built over the last five years or so. Intel said that it was notified of the vulnerabilities and released mitigations in May 2019 to be incorporated into firmware updates for motherboards and computer systems.

The chip giant told Ars Technica on background that those updates "should" mitigate local attacks. However, physical attacks (where attackers have possession of a targeted computer) might still be possible if attackers can roll back BIOS versions. As such, Intel said in a support document that "end users should maintain physical possession of their platforms.'



https://www.engadget.com/2020-03-06-inte...-flaw.html



-------------------------------------------------------



Reported March 8:



AMD CPUs for the past nine years are vulnerable to data leak attacks



It's not just Intel chips that are vulnerable to hard-to-fix security flaws. Researchers at the Graz University of Technology have detailed a pair of side channel attacks under the "Take A Way" name that can leak data from AMD processors dating back to 2011, whether it's an old Athlon 64 X2, a Ryzen 7 or a Threadripper. Both exploit the "way predictor" for the Level 1 cache (meant to boost the efficiency of cache access) to leak memory content. The Collide+Probe attack lets an intruder monitor memory access without having to know physical addresses or shared memory, while Load+Reload is a more secretive method that uses shared memory without invalidating the cache line.

Unlike some side channel attacks, it hasn't taken long to show how these exploits would work in the real world. The team took advantage of the flaws using JavaScript in common browsers like Chrome and Firefox, not to mention virtual machines in the cloud. While Take A Way only dribbles out a small amount of information compared to Meltdown or Spectre, that was enough for the investigators to access AES encryption keys.

It's possible to address the flaw through a mix of hardware and software, the researchers said, although it's not certain how much this would affect performance. Software and firmware fixes for Meltdown and Spectre have typically involved speed penalties, although the exact hit depends on the task.

We've asked AMD for comment. However, the authors suggest that AMD has been slow to respond. They said they submitted the flaws to AMD in late August 2019, but haven't heard back despite keeping quiet about the flaw for the past several months.

The findings haven't been without controversy, although it doesn't appear to be as questionable as some thought at first. While Hardware Unboxed found disclosures that Intel funded the research, raising concerns about the objectivity of the study, the authors have also received backing from Intel (and other sources) for finding flaws in the company's own chips as well as other products. It appears to just be a general effort to spur security research, then. As it stands, the funding source doesn't change the practical reality -- AMD may have to tweak its CPU designs to safeguard against Take A Way attacks going forward.



https://news.yahoo.com/2020-03-08-amd-cp...-flaw.html



-------------------------------------------------------



Long live vintage computers.

"They don't make 'em like they used to."
Reply
#2
In the world of technology everybody is forced onto the latest.  You can't escape that whoever you are and due to the phasing out stage of these products there's no way of purchasing old equipment.  Everybody is in the same boat, the suggestion of good back ups of operating system are recommended often.

Also make sure that you're VPN'ed up to the arse to prevent hacking, the better encryption you have the better your set up.  I'm not worried at all personally.
Reply
#3
The actual 'issues' started after 2006.

I am writing this on an ancient Dell C2D. The replacement mobo was purchased 2 years ago on eBay. $14.
(I reused the CPU and memory).

I have newer and faster machines.
But this is my favorite.

Safe in a cyberwar.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  In a first, researchers extract secret key used to encrypt Intel CPU code Resurgence 0 12,929 Oct 31, 2020, 23:26 pm
Last Post: Resurgence



Users browsing this thread: 3 Guest(s)