Intel CPUs impacted by new Zombieload side-channel attack

[Jime234]

On 5/30/2019 at 9:42 PM, B2gfserwe said:

MDS Tool from RIDL Team

Verify whether your system is vulnerable today with our MDS tool.

 

Scroll down to Download https://mdsattacks.com/

It says, stopped working

[B2gfserwe]

what do you mine? jime234 ?

[B2gfserwe]

On 6/17/2019 at 2:10 AM, funkyy said:

@B2gfserwe

                       thanks for your last post (above) with KB files highlighted. I have Windows automatic updates switched off, so I just install Security Only updates. You'll notice that I edited my post (5:23pm yesterday) to include KB4499175, Do you recommend that I install the other two updates files in your post? (KB1199164 and KB4493472). I have downloaded them ready to install.😀

 

 

i would recommend to turn Updates on if you let it off you don´t need to install anything. You OS is full with vulnerabilities without Updates. 🙂

And Upgrade to Win10. Windows 7 support will end on January 14, 2020

One of then 4499164 or 4499175 is enough.

[funkyy]

4 hours ago, B2gfserwe said:

 

i would recommend to turn Updates on if you let it off you don´t need to install anything. You OS is full with vulnerabilities without Updates. 🙂

And Upgrade to Win10. Windows 7 support will end on January 14, 2020

One of then 4499164 or 4499175 is enough.

Thanks B2gfserwe, I know that support will end for Win 7 quite soon and I will eventually upgrade to Win 10....when Microsoft stop messing up the patches. I only upgraded to Win 7 last October lol, so I'm quite happy with Win 7 for now. About my leaving automatic updates "off"......I don't want the dreaded "Your Windows is not genuine" message or any other bother from Bill Gates' gang. Well, I've just updated with another 5 KB files so hopefully I'll wing it for a while yet !! 😀😀😀

Thanks for your advice and help.

[steven36]

3 hours ago, ( ︶︿︶) said:

@B2gfserwe I am in "group B" according to AskWoody and have installed all the monthly security updates for my windows7 x64 machine. The security rollups are from Oct 2016 through and including the June 2019 update, so yes I have installed the KB4499175 rollup. Is my machine safe from this Zombieload stuff? I am a little confused about all this stuff.

 

It's only half patched   unless you mitigate  the registry as well because Microsoft released no firmware microcode for windows 7 only they did for windows 10

 

UPDATE: Today's Patch Tuesday also addresses the new CPU side-channel attack published today known as Zombieload [1] (ADV190013). As Meltdown, Spectre, and Foreshadow the new flaw may allow an attacker to steal sensitive data and keys being processed by the CPU. To fix the issue you must apply OS updates provided by Microsoft today (not available for all versions yet) and firmware microcode from device OEMs. The details for this advisory are available at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190013

 

Source

.https://isc.sans.edu/forums/diary/Microsoft+May+2019+Patch+Tuesday/24934/

____________________________________________________________________________________

[–]geggleau 4 points 1 month ago 

I'm looking for this too, though it's probably a bit early for full details yet.

Microsoft have released a new SpeculationControl module including the MDS configuration. (See details here).

According to this there appear to be different microcode updates for different processors. Intel have released a lot of them, but we'll have to get them through our OS or system vendor.

 

While Intel supports OS-provided microcode updates for most of the affected chips, Microsoft did not package the microcode updates with the OS for the Spectre/Meltdown patches, so I expect they'll do the same this time.

 

In the meantime, disabling SMT/HyperThreading seems to be the recommended option.

I'm hoping this will become clearer soon.

____________________________________________________________________________

They never released it and next patch Tuesday has passed  

 

[Jime234]

11 hours ago, B2gfserwe said:

what do you mine? jime234 ?

I mine to say that when I try to play the app, it wont open and say stopped working instead.

[steven36]

@straycat19 explains  here  a way to update  Microcode for any Windows  system 

You must do both windows updates and microcode  to be fully protected !

[B2gfserwe]

9 hours ago, funkyy said:

Thanks B2gfserwe, I know that support will end for Win 7 quite soon and I will eventually upgrade to Win 10....when Microsoft stop messing up the patches. I only upgraded to Win 7 last October lol, so I'm quite happy with Win 7 for now. About my leaving automatic updates "off"......I don't want the dreaded "Your Windows is not genuine" message or any other bother from Bill Gates' gang. Well, I've just updated with another 5 KB files so hopefully I'll wing it for a while yet !! 😀😀😀

Thanks for your advice and help.

you can upgrade form Cracked Win7 for free to legal Win 10 with Media Creation Tool i don´t now how long if you confirmed that you needed to rely on assistive technologies in Windows 10. These include the magnifier, on-screen keyboard, reading and voice output.

[B2gfserwe]

3 hours ago, Jime234 said:

I mine to say that when I try to play the app, it wont open and say stopped working instead.

 

 

How to test MDS (Zombieload) patch status on Windows systems

PowerShell script tells you if your Windows OS is safe from MDS attacks.

 

https://www.zdnet.com/article/how-to-test-mds-zombieload-patch-status-on-windows-systems/

[B2gfserwe]

Enabling mitigations that are off by-default may affect performance. The actual performance effect depends on multiple factors, such as the specific chipset in the device and the workloads that are running.

[steven36]

47 minutes ago, ( ︶︿︶) said:

this is what you are talking about:

If I do the registry thing then my system will be fully protected?

and does this registry thing slow down my system?

To answer your questions   Microsoft says it  will impact your system performance  and you still need  to do microcode  updates  to be fully patched . right here it says it

https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot

 

But the thing is as a home user  you have a better chance of being struck by lightning....3 times in a row, than being affected by any of these exploits  to date none of these Intel problems have been exploited in the wild  if it was  Microsoft  and Intel would push out updates for even XP  like they did for Wannacry and Bluekeep . Enterprise is more likely  to be exploited  if it was ever used in the wild  .

 

 

[B2gfserwe]

Intel ZombieLoad flaw forces OS patches with up to 40% performance hits

 

full protection could reduce your CPU’s performance by up to 40%.

Referred to by the more technical name “Microarchitectural Data Sampling,” the ZombieLoad exploit enables an attacker to access privileged data across trust boundaries. In a cloud hosting environment, it could enable one virtual machine to improperly access information from another; researchers also showed that it could be used for app surveillance and password acquisition. The vulnerability broadly impacts operating systems that run on Intel chips, including Android, Chrome, Linux, macOS, and Windows.

 

 

https://venturebeat.com/2019/05/14/intel-zombieload-flaw-forces-os-patches-with-up-to-40-performance-hits/

 

[steven36]

1 hour ago, ( ︶︿︶) said:

I hope they get all this figured out before I buy a new system

Well if you buy or have a AMD  system  it's not even effected by Zombieload but  like  Chris Hoffman at How to Geek  wrote about   that's the only real cure for  this is to buy hardware .

 

Only New CPUs Can Truly Fix ZombieLoad and Spectre

https://www.howtogeek.com/415018/only-new-cpus-can-truly-fix-zombieload-and-spectre/

 

I have a AMD PC  that was not effected by  none  of these flaws because it came out before AMD added there  backdoor,  but also i have a Intel  PC  were  i use Linux with  im fully patched for what I do on PCs the patch really not bothered me. But these patches slow down your system and  are only good tell someone figures out a new Side channel attack  .Spectre had many  so I'm sure they will be more. Intel have had back doors in there Chips way  longer than AMD has (they both do now) and we knew for years something was going happen and it did starting last  year . If you truly want too be safe you may want to invest in open source hardware  and use Linux on it.

[funkyy]

5 hours ago, steven36 said:

To answer your questions   Microsoft says it  will impact your system performance  and you still need  to do microcode  updates  to be fully patched . right here it says it

https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot

 

But the thing is as a home user  you have a better chance of being struck by lightning....3 times in a row, than being affected by any of these exploits  to date none of these Intel problems have been exploited in the wild  if it was  Microsoft  and Intel would push out updates for even XP  like they did for Wannacry and Bluekeep . Enterprise is more likely  to be exploited  if it was ever used in the wild  .

 

 

Thanks steven36, I've had enough of worrying about it. I have updated various recommended KB files, read through reams of INTEL's so.-called help and advice, reams of Microsoft technical bunkum that talks about the potential problem in great detail but treats everyone with a computer as having the same grasp of the technical side as one of their IT's and doesn't give simple step by step instructions...just refers you to another KB Knowledge base that then refers you to another one!! I just wonder how many folk have messed up their registry trying to pre-empt this "threat".

I'm done. My head's spinning and I feel worse right now than if one of the threats had actually bitten me.

I pity the folk out there who have less computer knowledge than me (and yes there are some!! lol). So I'll take my chances now.😀😀😀