Massive CPU Security Flaws Revealed


Spectre patches require CPU microcode and BIOS firmware updates, and likely will include recompiles of every program running on your computer as well to add that retpoline mitigation stuff.


So… no, I don’t have the fix yet?


Probably not, unless you updated your BIOS.


No BIOS updates for my mobo (ASUS).

Not that I run VM’s at home anyway, isn’t that all this exploit does? Allow your VM to see the host/other VM’s?


No, that’s just a great example of how bad this exploit is. When it can breach the hypervisor, well, that’s when shit gets real.


Intel microcode has been updated for some Linux distributions (including mine), so it’s going around already, it seems.


Like what? What else can the exploit do?


At it’s most basic it allows any code to read other memory slots on the computer. So imagine javascript being able to read your password manager’s memory.


But in order to utilize this exploit, an attacker would have to have already breached my firewalls and be on my local system, correct?


Yes. But even javascript has been shown to be able to do it. Granted they think they have that patched out now but… eh. Maybe/maybe not.

By itself it probably doesn’t look to bad, it’s when it gets combined with other zero day exploits things start to get scary.


Now, instead of a kitten photo, imagine that someone can now read every one of your passwords, as well as encryption keys.


But again, only if they can get to that part of my systems memory. Right?


Kinda, except that theoretically this can be injected into Javascript, which can infect your computer just by visiting a website that is serving the infected code.


What about using Chrome with a script blocker, like uScript?


Basically it allows one process to see other processes’ memory by tricking the CPU. Imagine that processes have their personal space - much like each individual person in a public restroom doing number 2. And then someone pops a mirror on a selfie stick and starts checking other people’s privates.

And to build upon that terrible metaphor, you could say Intel is itself doing number 2 and we’re all inside that white ceramic bowl, trying to figure out how to breathe again. Or something.


The hyper visor is big for cloud companies because you can literally have dozens of companies sharing the same machine; if any of them is a bad actor, they can run code that lets them breach the hypervisor and see what everyone else on the machine is literally doing at that moment.


Depending on how tight your settings are on uScript, that should mitigate that vector.


That might make you more impervious to an attack via browser, but not other sources. And the modern web will be nearly unusable for you.


If you can escape VMs, you can do pretty much anything.

My motherboard does have an updated BIOS for Spectre, but I’m not updating just yet as there are reports of unexpected reboots.


Er, that’s not true. I’ve been using ublock for years now and the pages I go to seem to work just fine.

And what other sources besides browsers are we talking about? Opening strange email attachments? Letting a strange remote into my PC because he cold called me and insists there is a problem with my PC? I mean, I kind of doubt for the average home user this exploit is a bigger problem than other ransomware, virus, nonsense that people fall for. Not yet, anyway.