Major Intel Memory Vulnerability

der.hans PLUGd at LuftHans.com
Wed Jan 3 16:09:28 MST 2018


Am 02. Jan, 2018 schwätzte Matthew Crews so:

moin moin,

the bugs now have names and logos, let the marketing begin.

http://www.zdnet.com/article/security-flaws-affect-every-intel-chip-since-1995-arm-processors-vulnerable/

###
Am I affected by the bug?

Most certainly, yes.
###

Rumors thus far:

* new Linux kernel has a 'fix' for some value of 'fix'

* microsoft will force an update tonight

* a macos update from early December already has the fix

* AWS east will be doing reboots tomorrow

* AZURE will have extra reboots in the near future

* Google Android systems ( Nexus and Pixel ) have fixes available, but
might be mostly unaffected anyway

* tshirts available soon ;-)

ciao,

der.hans

> https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
>
> In a nutshell, it is a major security flaw in Intel hardware dating back a decade that is requiring a complete kernel rewrite for every major OS (Linux, Windows, Mac, etc) in order to patch out. It cannot be patched out with a CPU microcode update. Major enough that code comments are redacted in the patches until an embargo period is expired. Also the reported fix will have a huge performance impact.
>
> Also crucial to note is that AMD chips are not affected by this.
>
> How the heck does something like this go unnoticed for so long?
>
> Sent from [ProtonMail](https://protonmail.com), Swiss-based encrypted email.

-- 
#  https://www.LuftHans.com   https://www.PhxLinux.org
#  "The illiterate of the 21st century will not be those who cannot read and
#  write, but those who cannot learn, unlearn, and relearn." -- Alvin Toffler


More information about the PLUG-discuss mailing list