Ars Technica

Syndikovat obsah security – Ars Technica
Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Aktualizace: 53 min 55 sek zpět

AMD promises firmware fixes for security processor bugs

20 Březen, 2018 - 23:00

Enlarge / AMD's Ryzen die. Threadripper has two of these in a multi-chip module. Epyc has four of them. (credit: AMD)

AMD has responded to the reports last week of a range of security flaws affecting its Platform Security Processor (PSP) and chipset. The company acknowledges the bugs and says that, in coming weeks, it will have new firmware available to resolve the PSP bugs. These firmware fixes will also mitigate the chipset bugs.

Israeli firm CTS identified four separate flaw families, naming them Masterkey (affecting Ryzen and Epyc processors), Ryzenfall (affecting Ryzen, Ryzen Pro, and Ryzen Mobile), Fallout (hitting only Epyc), and Chimera (applying to Ryzen and Ryzen Pro systems using the Promonotory chipset).

Masterkey, Ryzenfall, and Fallout are all problems affecting the Platform Security Processor (PSP), a small ARM core that's integrated into the chips to provide certain additional features such as a firmware-based TPM security module. The PSP has its own firmware and operating system that runs independently of the main x86 CPU. Software running on the x86 CPU can access PSP functionality using a device driver, though this access is restricted to administrator/root-level accounts. The PSP is also typically not exposed to guest virtual machines, so virtualized environments will typically be protected.

Read 8 remaining paragraphs | Comments

Kategorie: Hacking & Security

Intel outlines plans for Meltdown and Spectre fixes, microcode for older chips

15 Březen, 2018 - 19:00

Enlarge / Intel Ivy Bridge Xeon E7 v2 die shot. (credit: Fritzchens Fritz)

Shipping in the second half of this year, the next generation of Xeon Scalable Processors (codenamed Cascade Lake) will contain hardware fixes for the Meltdown attack and certain variants of the Spectre attack. So, too, will a range of processors using the same 8th generation Core branding that some processors are already using.

Earlier this year, attacks that exploit the processor's speculative execution were published with the names Meltdown and Spectre, prompting a reaction from hardware and software companies.

The Spectre attack has two variants, numbered version 1 and version 2. Spectre version 1 attacks will need software fixes, and the nature of these attacks means that they may always need software fixes. Applications that try to build sandboxes—locked-down environments used for running potentially hostile code, such as JavaScript in the browser—will need to be examined and updated to provide robust protection against Spectre version 1.

Read 4 remaining paragraphs | Comments

Kategorie: Hacking & Security

Patch Tuesday drops the mandatory antivirus requirement after all

13 Březen, 2018 - 21:35

(credit: amalthya / Flickr)

In the immediate aftermath of the Spectre and Meltdown attacks, Microsoft created an unusual stipulation for Windows patches: systems would only receive the fixes if they had antivirus software installed and if that antivirus software created a special entry in the registry to indicate that it's compatible with the Windows fixes.

This was due to the particularly invasive nature of the Meltdown fix: Microsoft found that certain antivirus products manipulated Windows' kernel memory in unsupported ways that would crash systems with the Meltdown fix applied. The registry entry was a way for antivirus software to positively affirm that it was compatible with the Meltdown fix; if that entry was absent, Windows assumed that incompatible antivirus software was installed and hence did not apply the security fix.

This put systems without any antivirus software at all in a strange position: they too lack the registry entries, so they'd be passed over for fixes, even though they don't, in fact, have any incompatible antivirus software.

Read 5 remaining paragraphs | Comments

Kategorie: Hacking & Security

Intel’s latest set of Spectre microcode fixes is coming to a Windows update

1 Březen, 2018 - 19:14

Intel Skylake die shot. (credit: Intel)

Windows users running the latest version of Windows 10 on recent Intel processors will soon be receiving Intel's microcode updates to address the Spectre variant 2 attack.

Earlier this year, attacks that exploit the processor's speculative execution were published with the names Meltdown and Spectre, prompting a reaction from hardware and software companies. Intel released microcode updates for its processors to provide operating systems with greater control over certain aspects of this speculative execution; however, the company's initial releases were found to cause problems.

Intel has since fixed the microcode bugs, but until this point Microsoft has said that Windows users should turn to their system vendors to actually get the new microcode.

Read 5 remaining paragraphs | Comments

Kategorie: Hacking & Security