Security flax discovered in Intel's processors

  • Security flax discovered in Intel's processors

Security flax discovered in Intel's processors

A real fix (not disabling Hyperthreading) will require a BIOS or UEFI update to remedy the bug, but this must be disseminated by motherboard vendors. It reduces the processing power or pipes to the physical number of cores and could effectively halve the speed on HT dependent applications.

The affected models are 6th and 7th-gen Intel processors with HyperThreading, which include Core CPUs as well as some Pentiums, and Xeon v5 and v6 processors.

Developers at Debian have discovered a critical Hyper-Threading flaw affecting Intel's 6th generation Skylake and 7th generation Kaby Lake processors. They suggest that users disable Hyper-threading for now until the fix is certain.

It has not been specified what the exact conditions are that could lead to the CPUs being triggered, however it has been made clear that apart from possible data corruption or loss, an attacker can also use the bug to create an attack.

Implication: "Due to this erratum, the system may experience unpredictable system behavior".

Intel's errata list for the recent Skylake-X processors (unearthed by Hot Hardware), provide a bit more insight into the nuts and bolts of the issue. Specific code patterns in applications will trigger the defect, and as yet, there isn't a list of specific software to avoid.

The people who own PCs running Intel's Kaby Lake and Skylake chips are advised to turn off the hyperthreading feature, otherwise they could end up with crashes, freezes, or lose valuable data.

Last month, Intel issued a security advisory about another vulnerability that a researcher identified that had existed in enterprise system firmware since 2010-2011.

The flaw was reported by developers at Linux distribution Debian, following earlier work by OCaml toolchain developers.

"The Kaby Lake microcode updates that fix this issue are now only available to system vendors, so you will need a BIOS/UEFI update to get it". Those with other Skylake model numbers should disable hyper-threading and then contact their vendors for a BIOS/UEFI fix, he added.