Linked by Thom Holwerda on Mon 29th Jan 2018 23:17 UTC
Windows

Microsoft has released an update that disables Intel's microcode Spectre mitigations.

Intel has reported issues with recently released microcode meant to address Spectre variant 2 (CVE 2017-5715 Branch Target Injection) - specifically Intel noted that this microcode can cause "higher than expected reboots and other unpredictable system behavior" and then noted that situations like this may result in "data loss or corruption". Our own experience is that system instability can in some circumstances cause data loss or corruption. On January 22, Intel recommended that customers stop deploying the current microcode version on affected processors while they perform additional testing on the updated solution. We understand that Intel is continuing to investigate the potential effect of the current microcode version, and we encourage customers to review their guidance on an ongoing basis to inform their decisions.

This whole thing is a mess.

Thread beginning with comment 653364
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: No solution
by Megol on Wed 31st Jan 2018 11:17 UTC in reply to "RE[2]: No solution"
Megol
Member since:
2011-04-11

"IMO the Meltdown thing is a bug (not all think so).

This isn't. The processor does what it was designed to do, what it is documented to do in a way that is documented. No bug.


Not sure if you're trolling or not.
"

Obviously not trolling. But I know what I'm talking about.


Access to high privileged kernel-mode memory from unprivileged usermode process is not documented and it is definitely _not_ a designed behaviour.


But Spectre doesn't allow that _in_the_way_the_processor_is_defined_.


Please, show me the description of this "feature" in architecture reference manual.


That kernel mode programs can read memory read kernel memory? Download and read:
https://software.intel.com/en-us/articles/intel-sdm

Drill down into the description of how memory protection works.

Reply Parent Score: 3

RE[4]: No solution
by viton on Fri 2nd Feb 2018 03:26 in reply to "RE[3]: No solution"
viton Member since:
2005-08-09

But Spectre doesn't allow that _in_the_way_the_processor_is_defined_.

Spectre v1 and v2 are not breaking protection domains.
The fact that you can establish side channel is irrelevant.

That kernel mode programs can read memory read kernel memory?
User mode programs should not event touch the privileged memory.

AMD (and others) are doing things right.

The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.

Reply Parent Score: 2