Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Intel meltdown and spectre, am I at risk 14 and 22 nm i3 cores


  • Please log in to reply
13 replies to this topic

#1 rp88

rp88

  • Members
  • 3,022 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:37 PM

Posted 05 January 2018 - 12:47 PM

I've looked at intel's page https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr (Is that the only one or does that cover only one of the two attacks) and it says i3 chips are affected but seems to say only 45nm and 32nm chips are affected, my two systems have intel i3 cores of 22nm and 14nm. They date from circa 2013 (the 22nm system) and circa 2015(the 14nm system). Does this mean I am unaffected?

Also I've been trying to find the (Windows) updates to apply and found update KB4056898 (windows 8.1 security only), but as yet windows update is not showing any updates presently available to me, and I do know that it has problems with certain antiviruses and registry keys, I use avast as my antivirus. Should I download KB4056898 from the update catalog immediately? Or wait for it to be offered via windows update? P.S. I've seen news thhat on windows server the fix has to be enabeld afetr installing the update, I take it no enabling is needed on windows 8.1.

Another question, on linux mint (mate 17.3)is there yet a kernel update to deal with this? if so which one?

Finally, do I need to download any form of low level instruction set update, microcode change or other such thing from intel? If so is this just an exe file to run or is it trickier and potentially risky in the way that BIOS/UEFI updates can be?

Thanks

Edited by rp88, 05 January 2018 - 01:00 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:37 PM

Posted 05 January 2018 - 01:01 PM

Here is Avast's info: https://forum.avast.com/index.php?topic=212648.msg1439270#msg1439270

 

A firmware update is required too, but AFAIK, these are not yet available from the OEMs.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 rp88

rp88
  • Topic Starter

  • Members
  • 3,022 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:37 PM

Posted 05 January 2018 - 01:12 PM

Not sure about getting anything from my OEM, one of my systems is a toshiba and I'm not sure if they still supply things like updates to PCs they made. Can I get patches directly from intel or are different patches needed for different machines even when they have the same CPU type?

What of the fact that 14 and 22nm cores aren't mentioned while 45 and 32 explictly are mentioned on that webpage?

Edited by rp88, 05 January 2018 - 01:13 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:37 PM

Posted 05 January 2018 - 01:21 PM

Your link doesn't work. Probably because of the en-fr locale.

 

I was able to fix your link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr


Edited by Didier Stevens, 05 January 2018 - 01:35 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 rp88

rp88
  • Topic Starter

  • Members
  • 3,022 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:37 PM

Posted 05 January 2018 - 01:37 PM

Sorry about posting a broken link. But if you look at the list it seems to specifically say 45 and 32nm technology i3 cores are affected, does that mean non-45nm and non-32nm cores are not affected?

Edited by rp88, 05 January 2018 - 01:38 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:37 PM

Posted 05 January 2018 - 01:52 PM

Yes, that is how I read this.

 

However:

1) be aware that maybe Intel is omitting 14-nm and 22-nm i3 from this list because they could be end-of-life (I don't know). Just like Microsoft no longer mentions Windows XP, Windows 98, ... in security advisories

2) Intel released this SA for CVE-2017-5715. Microsoft's patch also addresses CVE-2017-5754, and it's very likely that your i3 is vulnerable.

3) they reserve the "right to make errors": Intel may modify this list at a later time.

 

I would apply the patch when Windows Update offers it.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 rp88

rp88
  • Topic Starter

  • Members
  • 3,022 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:37 PM

Posted 05 January 2018 - 02:17 PM

I was very much intending to apply the windows patch, what I'm trying to work out is whether I need a firmware one too. And how to get it if so. Any knowledge of the patch needed on linux mint?
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#8 OldPhil

OldPhil

    Doppleganger


  • Members
  • 4,123 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Long Island New York
  • Local time:10:37 AM

Posted 05 January 2018 - 02:22 PM

I have looked at so much pertaining to this, I only have one LT with a Atom processor should things go south.  From my reading it seemed that all post 1995 i3 i3 i7 chips were vulnerable.

 

Phil


Honesty & Integrity Above All!


#9 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:37 PM

Posted 05 January 2018 - 02:30 PM

Do you know which ones you have precisely?

https://en.wikipedia.org/wiki/List_of_Intel_Core_i3_microprocessors


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#10 rp88

rp88
  • Topic Starter

  • Members
  • 3,022 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:37 PM

Posted 05 January 2018 - 02:54 PM

One pc has:

Intel i3 5xxx @2.10GHz broadwell u/ult 14nm intel core i3-5010U family 6 model d revision E0, virtualisation supported and disabled, hyperthreading supported and enabled, bus speed 99.8MHz.

Other has:

Intel Core i3 3210M @ 2.50GHz, 2 cores, 4 threads, ivy bridge, Package Socket 988B rPGA, family 6, extended family 6, model A, extended model 3A, stepping 9, revision E1/L1, virtualisation supported and disabled, hyperthreading supported and enabled, bus speed 99.8MHz.



This is according to piriform's speccy tool.

Edited by rp88, 05 January 2018 - 02:54 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#11 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:37 PM

Posted 05 January 2018 - 04:14 PM

Your 3210 is an Ivy Bridge architecture, according to Wikipedia, this is a shrink from Sandy Bridge and remains largely unchanged, and is backwards compatible with Sandy Bridge.

Sandy Bridge is 32nm.

 

Based on that, I can't explain why Sandy Bridge would be vulnerable and Ivy Bridge not.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#12 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:37 PM

Posted 05 January 2018 - 04:37 PM

OK, I took another approach.

 

I tested a Spectre Proof-of-Concept program (https://gist.github.com/ErikAugust/724d4a969fb2c6ae1bbd7b2a9e3d4bb6) on a Core i7 14nm.

It is vulnerable.

 

And in the comments, I see other reports of 14nm CPUs being vulnerable.

 

Also ran it on a patched Windows machine: as expected, also vulnerable, since I don't have a firmware update (yet).

 

Another test: ran it on a patched Linux AWS: not vulnerable.


Edited by Didier Stevens, 05 January 2018 - 05:03 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#13 rp88

rp88
  • Topic Starter

  • Members
  • 3,022 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:02:37 PM

Posted 05 January 2018 - 04:47 PM

So I install the windows update (right away from the update catalog website or wait for it to be offered?), what about linux mint updates (any idea which or if one is out yet) and will I need firmware updates. As far as I can tell the thing which firmware updates are needed to prevent is the trickiest of the attacks types, the absolute worst bit of the attacks can be stopped by updating thre OS, though I can't make sense of whether this specific tricky part of the attacks is one which would only affect a system where malware was already installed or if this one could be used by online javascript in a browser to attack a computer. I know some parts of these two vulnerabilities are only relevant for machiens already infected, but other parts of the attacks let scripts in browser spy on parts of the memory which hold passwords, and in all the confusion of articles about this I'm struggling to work out which bit is which.
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#14 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:37 PM

Posted 05 January 2018 - 07:47 PM

Update: in November 2017, Intel released microcode updates for your CPUs:

https://downloadcenter.intel.com/download/27337/Linux-Processor-Microcode-Data-File

 

Looks probable to me they'll release updates now too for your CPUs.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users