<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	
	>
<channel>
	<title>Comments on: Intel hardware trust is lost again?</title>
	<atom:link href="http://www.epanorama.net/blog/2020/03/07/intel-hardware-trust-is-lost-again/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.epanorama.net/blog/2020/03/07/intel-hardware-trust-is-lost-again/</link>
	<description>All about electronics and circuit design</description>
	<lastBuildDate>Wed, 15 Apr 2026 08:46:24 +0000</lastBuildDate>
		<sy:updatePeriod>hourly</sy:updatePeriod>
		<sy:updateFrequency>1</sy:updateFrequency>
	<generator>http://wordpress.org/?v=3.9.14</generator>
	<item>
		<title>By: Nicki</title>
		<link>https://www.epanorama.net/blog/2020/03/07/intel-hardware-trust-is-lost-again/comment-page-1/#comment-1780254</link>
		<dc:creator><![CDATA[Nicki]]></dc:creator>
		<pubDate>Thu, 15 Sep 2022 08:43:13 +0000</pubDate>
		<guid isPermaLink="false">https://www.epanorama.net/blog/?p=185857#comment-1780254</guid>
		<description><![CDATA[it could defeat hardware-based encryption and DRM protections. The flaw exists at the hardware level of modern Intel processors released in the last five years]]></description>
		<content:encoded><![CDATA[<p>it could defeat hardware-based encryption and DRM protections. The flaw exists at the hardware level of modern Intel processors released in the last five years</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Tomi Engdahl</title>
		<link>https://www.epanorama.net/blog/2020/03/07/intel-hardware-trust-is-lost-again/comment-page-1/#comment-1724795</link>
		<dc:creator><![CDATA[Tomi Engdahl]]></dc:creator>
		<pubDate>Mon, 20 Sep 2021 06:35:50 +0000</pubDate>
		<guid isPermaLink="false">https://www.epanorama.net/blog/?p=185857#comment-1724795</guid>
		<description><![CDATA[AMD Chipset Driver Vulnerability Can Allow Hackers to Obtain Sensitive Data
https://www.securityweek.com/amd-chipset-driver-vulnerability-can-allow-hackers-obtain-sensitive-data

Chipmaker AMD has patched a driver vulnerability that could allow an attacker to obtain sensitive information from the targeted system.

The flaw, tracked as CVE-2021-26333 and classified by AMD as medium severity, affects the company’s Platform Security Processor (PSP) chipset driver, which is used by several graphics cards and processors.

According to AMD, which described it as an information disclosure issue, an attacker who has low privileges on the targeted system can “send requests to the driver resulting in a potential data leak from uninitialized physical pages.”

AMD has advised users to update the PSP driver to version 5.17.0.0 through Windows Update or update the Chipset Driver to version 3.08.17.735.

Kyriakos Economou, co-founder of cybersecurity research and development company ZeroPeril, has been credited for discovering the vulnerability. In a technical advisory detailing the findings, the researcher noted that attacks are possible due to information disclosure and memory leakage bugs.

https://zeroperil.co.uk/wp-content/uploads/2021/09/AMD_PSP_Vulnerability_Report.pdf]]></description>
		<content:encoded><![CDATA[<p>AMD Chipset Driver Vulnerability Can Allow Hackers to Obtain Sensitive Data<br />
<a href="https://www.securityweek.com/amd-chipset-driver-vulnerability-can-allow-hackers-obtain-sensitive-data" rel="nofollow">https://www.securityweek.com/amd-chipset-driver-vulnerability-can-allow-hackers-obtain-sensitive-data</a></p>
<p>Chipmaker AMD has patched a driver vulnerability that could allow an attacker to obtain sensitive information from the targeted system.</p>
<p>The flaw, tracked as CVE-2021-26333 and classified by AMD as medium severity, affects the company’s Platform Security Processor (PSP) chipset driver, which is used by several graphics cards and processors.</p>
<p>According to AMD, which described it as an information disclosure issue, an attacker who has low privileges on the targeted system can “send requests to the driver resulting in a potential data leak from uninitialized physical pages.”</p>
<p>AMD has advised users to update the PSP driver to version 5.17.0.0 through Windows Update or update the Chipset Driver to version 3.08.17.735.</p>
<p>Kyriakos Economou, co-founder of cybersecurity research and development company ZeroPeril, has been credited for discovering the vulnerability. In a technical advisory detailing the findings, the researcher noted that attacks are possible due to information disclosure and memory leakage bugs.</p>
<p><a href="https://zeroperil.co.uk/wp-content/uploads/2021/09/AMD_PSP_Vulnerability_Report.pdf" rel="nofollow">https://zeroperil.co.uk/wp-content/uploads/2021/09/AMD_PSP_Vulnerability_Report.pdf</a></p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Tomi Engdahl</title>
		<link>https://www.epanorama.net/blog/2020/03/07/intel-hardware-trust-is-lost-again/comment-page-1/#comment-1704958</link>
		<dc:creator><![CDATA[Tomi Engdahl]]></dc:creator>
		<pubDate>Tue, 02 Mar 2021 08:06:40 +0000</pubDate>
		<guid isPermaLink="false">https://www.epanorama.net/blog/?p=185857#comment-1704958</guid>
		<description><![CDATA[Spectre exploits in the &quot;wild&quot;
https://dustri.org/b/spectre-exploits-in-the-wild.html
Someone was silly enough to upload a working spectre (CVE-2017-5753)
exploit for Linux (there is also a Windows one with symbols that I
didn&#039;t look at.) on VirusTotal last month, so here is my quick Sunday
afternoon lazy analysis.. In my lab, on a vulnerable Fedora, the
exploit is successfully dumping /etc/shadow in a couple of minutes.
Interestingly, there are checks to detect SMAP and abort if it&#039;s
present. I didn&#039;t manage to understand why the exploit was failing in
its presence.. Also
https://therecord.media/first-fully-weaponized-spectre-exploit-discovered-online/
&quot;But while Voisin did not want to name the exploit author, several
people were not as shy. Security experts on both Twitter and news
aggregation service HackerNews were quick to spot that the new Spectre
exploit might be a module for CANVAS, a penetration testing tool
developed by Immunity Inc.]]></description>
		<content:encoded><![CDATA[<p>Spectre exploits in the &#8220;wild&#8221;<br />
<a href="https://dustri.org/b/spectre-exploits-in-the-wild.html" rel="nofollow">https://dustri.org/b/spectre-exploits-in-the-wild.html</a><br />
Someone was silly enough to upload a working spectre (CVE-2017-5753)<br />
exploit for Linux (there is also a Windows one with symbols that I<br />
didn&#8217;t look at.) on VirusTotal last month, so here is my quick Sunday<br />
afternoon lazy analysis.. In my lab, on a vulnerable Fedora, the<br />
exploit is successfully dumping /etc/shadow in a couple of minutes.<br />
Interestingly, there are checks to detect SMAP and abort if it&#8217;s<br />
present. I didn&#8217;t manage to understand why the exploit was failing in<br />
its presence.. Also<br />
<a href="https://therecord.media/first-fully-weaponized-spectre-exploit-discovered-online/" rel="nofollow">https://therecord.media/first-fully-weaponized-spectre-exploit-discovered-online/</a><br />
&#8220;But while Voisin did not want to name the exploit author, several<br />
people were not as shy. Security experts on both Twitter and news<br />
aggregation service HackerNews were quick to spot that the new Spectre<br />
exploit might be a module for CANVAS, a penetration testing tool<br />
developed by Immunity Inc.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Jennifer Brooks</title>
		<link>https://www.epanorama.net/blog/2020/03/07/intel-hardware-trust-is-lost-again/comment-page-1/#comment-1673596</link>
		<dc:creator><![CDATA[Jennifer Brooks]]></dc:creator>
		<pubDate>Tue, 24 Mar 2020 16:05:29 +0000</pubDate>
		<guid isPermaLink="false">https://www.epanorama.net/blog/?p=185857#comment-1673596</guid>
		<description><![CDATA[Intel got a favorable position over AMD as far as speed. Most Intel processors made are quicker than AMD&#039;s processors. Some center i5 processors perform better than a portion of the Athlon IIs and the Phenom IIs. But then there&#039;s some Intel processors that are overrated, like the center 2 teams and the center 2 limits.]]></description>
		<content:encoded><![CDATA[<p>Intel got a favorable position over AMD as far as speed. Most Intel processors made are quicker than AMD&#8217;s processors. Some center i5 processors perform better than a portion of the Athlon IIs and the Phenom IIs. But then there&#8217;s some Intel processors that are overrated, like the center 2 teams and the center 2 limits.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Tomi Engdahl</title>
		<link>https://www.epanorama.net/blog/2020/03/07/intel-hardware-trust-is-lost-again/comment-page-1/#comment-1672639</link>
		<dc:creator><![CDATA[Tomi Engdahl]]></dc:creator>
		<pubDate>Wed, 11 Mar 2020 07:41:23 +0000</pubDate>
		<guid isPermaLink="false">https://www.epanorama.net/blog/?p=185857#comment-1672639</guid>
		<description><![CDATA[Besides Meltdown and Spectre, other transient attacks were eventually discovered during the past two years, including the likes of Foreshadow, Zombieload, RIDL, Fallout, and LazyFP.]]></description>
		<content:encoded><![CDATA[<p>Besides Meltdown and Spectre, other transient attacks were eventually discovered during the past two years, including the likes of Foreshadow, Zombieload, RIDL, Fallout, and LazyFP.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Tomi Engdahl</title>
		<link>https://www.epanorama.net/blog/2020/03/07/intel-hardware-trust-is-lost-again/comment-page-1/#comment-1672638</link>
		<dc:creator><![CDATA[Tomi Engdahl]]></dc:creator>
		<pubDate>Wed, 11 Mar 2020 07:40:47 +0000</pubDate>
		<guid isPermaLink="false">https://www.epanorama.net/blog/?p=185857#comment-1672638</guid>
		<description><![CDATA[Intel CPUs vulnerable to new LVI attacks
https://www.zdnet.com/article/intel-cpus-vulnerable-to-new-lvi-attacks/
Researchers say Intel processors will need another round of silicon
chip re-designs to protect against new attack.
Named Load Value Injection, or LVI for short, this is a new class of theoretical attacks against Intel CPUs.
While the attack has been deemed only a theoretical threat, Intel has released firmware patches to mitigate attacks against current CPUs, and fixes will be deployed at the hardware (silicon design) level in future generations.]]></description>
		<content:encoded><![CDATA[<p>Intel CPUs vulnerable to new LVI attacks<br />
<a href="https://www.zdnet.com/article/intel-cpus-vulnerable-to-new-lvi-attacks/" rel="nofollow">https://www.zdnet.com/article/intel-cpus-vulnerable-to-new-lvi-attacks/</a><br />
Researchers say Intel processors will need another round of silicon<br />
chip re-designs to protect against new attack.<br />
Named Load Value Injection, or LVI for short, this is a new class of theoretical attacks against Intel CPUs.<br />
While the attack has been deemed only a theoretical threat, Intel has released firmware patches to mitigate attacks against current CPUs, and fixes will be deployed at the hardware (silicon design) level in future generations.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Tomi Engdahl</title>
		<link>https://www.epanorama.net/blog/2020/03/07/intel-hardware-trust-is-lost-again/comment-page-1/#comment-1672391</link>
		<dc:creator><![CDATA[Tomi Engdahl]]></dc:creator>
		<pubDate>Sun, 08 Mar 2020 19:10:43 +0000</pubDate>
		<guid isPermaLink="false">https://www.epanorama.net/blog/?p=185857#comment-1672391</guid>
		<description><![CDATA[Paul Alcorn / Tom&#039;s Hardware:
Researchers detail two new side channel attacks that can leak secret data from all AMD CPUs made between 2011 and 2019

New AMD Side Channel Attacks Discovered, Impacts Zen Architecture (AMD Responds)
AMD processors from 2011 to 2019 impacted
https://www.tomshardware.com/uk/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture

&quot;We are aware of a new whitepaper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks.&quot;

It&#039;s noteworthy that this advisory does not point to any mitigations for the attack in question, merely citing other mitigated speculative executions that were used as a vehicle to attack the L1D cache predictor. The researchers also used other methods to exploit the vulnerability, so the advisory is a bit nebulous.

The university says it disclosed the vulnerabilities to AMD on August 23, 2019, meaning it was disclosed in a responsible manner (unlike the CTS Labs debacle), but there isn&#039;t any word of a fix yet. We&#039;ve pinged AMD for comment. 

We&#039;ve become accustomed to news of new Intel vulnerabilities being disclosed on a seemingly-weekly basis, but other processor architectures, like AMD and ARM, have also been impacted by some vulnerabilities, albeit to a lesser extent. It&#039;s hard to ascertain if these limited discoveries in AMD processors are triggered by a security-first approach to hardened processor design, or if researchers and attackers merely focus on Intel&#039;s processors due to their commanding market share: Attackers almost always focus on the broadest cross-section possible. We see a similar trend with malware being designed for Windows systems, by far the predominant desktop OS, much more frequently than MacOS, though that does appear to be changing.]]></description>
		<content:encoded><![CDATA[<p>Paul Alcorn / Tom&#8217;s Hardware:<br />
Researchers detail two new side channel attacks that can leak secret data from all AMD CPUs made between 2011 and 2019</p>
<p>New AMD Side Channel Attacks Discovered, Impacts Zen Architecture (AMD Responds)<br />
AMD processors from 2011 to 2019 impacted<br />
<a href="https://www.tomshardware.com/uk/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture" rel="nofollow">https://www.tomshardware.com/uk/news/new-amd-side-channel-attacks-discovered-impacts-zen-architecture</a></p>
<p>&#8220;We are aware of a new whitepaper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks.&#8221;</p>
<p>It&#8217;s noteworthy that this advisory does not point to any mitigations for the attack in question, merely citing other mitigated speculative executions that were used as a vehicle to attack the L1D cache predictor. The researchers also used other methods to exploit the vulnerability, so the advisory is a bit nebulous.</p>
<p>The university says it disclosed the vulnerabilities to AMD on August 23, 2019, meaning it was disclosed in a responsible manner (unlike the CTS Labs debacle), but there isn&#8217;t any word of a fix yet. We&#8217;ve pinged AMD for comment. </p>
<p>We&#8217;ve become accustomed to news of new Intel vulnerabilities being disclosed on a seemingly-weekly basis, but other processor architectures, like AMD and ARM, have also been impacted by some vulnerabilities, albeit to a lesser extent. It&#8217;s hard to ascertain if these limited discoveries in AMD processors are triggered by a security-first approach to hardened processor design, or if researchers and attackers merely focus on Intel&#8217;s processors due to their commanding market share: Attackers almost always focus on the broadest cross-section possible. We see a similar trend with malware being designed for Windows systems, by far the predominant desktop OS, much more frequently than MacOS, though that does appear to be changing.</p>
]]></content:encoded>
	</item>
	<item>
		<title>By: Tomi Engdahl</title>
		<link>https://www.epanorama.net/blog/2020/03/07/intel-hardware-trust-is-lost-again/comment-page-1/#comment-1672334</link>
		<dc:creator><![CDATA[Tomi Engdahl]]></dc:creator>
		<pubDate>Sat, 07 Mar 2020 14:36:47 +0000</pubDate>
		<guid isPermaLink="false">https://www.epanorama.net/blog/?p=185857#comment-1672334</guid>
		<description><![CDATA[A major new Intel processor flaw could defeat encryption and DRM protections
Security researchers claim it’s unfixable
https://www.theverge.com/2020/3/6/21167782/intel-processor-flaw-root-of-trust-csme-security-vulnerability

Security researchers are warning of a major new security flaw inside Intel processors, and it could defeat hardware-based encryption and DRM protections. The flaw exists at the hardware level of modern Intel processors released in the last five years, and could allow attackers to create special malware (like keyloggers) that runs at the hardware level and is undetectable by traditional antivirus systems. Intel’s latest 10th Gen processors are not vulnerable, though.

“The problem is not only that it is impossible to fix firmware errors that are hard-coded in the Mask ROM of microprocessors and chipsets,” warns Ermolov. “The larger worry is that, because this vulnerability allows a compromise at the hardware level, it destroys the chain of trust for the platform as a whole.”

Successful attacks would require skill and in most cases physical access to a machine, but some could be performed by other malware bypassing OS-level protections to perform local attacks. This could lead to data from encrypted hard disks being decrypted, forged hardware IDs, and even the ability to extract digital content protected by DRM.

Positive Technologies plans to “provide more technical details” in a white paper that’s due to be published soon.]]></description>
		<content:encoded><![CDATA[<p>A major new Intel processor flaw could defeat encryption and DRM protections<br />
Security researchers claim it’s unfixable<br />
<a href="https://www.theverge.com/2020/3/6/21167782/intel-processor-flaw-root-of-trust-csme-security-vulnerability" rel="nofollow">https://www.theverge.com/2020/3/6/21167782/intel-processor-flaw-root-of-trust-csme-security-vulnerability</a></p>
<p>Security researchers are warning of a major new security flaw inside Intel processors, and it could defeat hardware-based encryption and DRM protections. The flaw exists at the hardware level of modern Intel processors released in the last five years, and could allow attackers to create special malware (like keyloggers) that runs at the hardware level and is undetectable by traditional antivirus systems. Intel’s latest 10th Gen processors are not vulnerable, though.</p>
<p>“The problem is not only that it is impossible to fix firmware errors that are hard-coded in the Mask ROM of microprocessors and chipsets,” warns Ermolov. “The larger worry is that, because this vulnerability allows a compromise at the hardware level, it destroys the chain of trust for the platform as a whole.”</p>
<p>Successful attacks would require skill and in most cases physical access to a machine, but some could be performed by other malware bypassing OS-level protections to perform local attacks. This could lead to data from encrypted hard disks being decrypted, forged hardware IDs, and even the ability to extract digital content protected by DRM.</p>
<p>Positive Technologies plans to “provide more technical details” in a white paper that’s due to be published soon.</p>
]]></content:encoded>
	</item>
</channel>
</rss>
