Lunes, 15 Octubre, 2018

About speculative execution vulnerabilities in ARM-based and Intel CPUs

Security patches for Meltdown and Spectre are slowing older systems down Intel sets world record for indoor drones
Ramiro Mantilla | 13 Enero, 2018, 01:46

Almost most of the devices were effected by these Meltdown and Spectre flaws including the Apple devices.Both the "Spectre and Meltdown" flaws affect the performance of CPU feature called Speculative Execution which is responsible for improving speed and operate multiple operations. Linux vendors are also rolling out patches for AMD systems too.

The final SKU tested in this run was a 6th generation Skylake-S processor and there Intel found performance impact to be slightly higher when running Windows 10, but lower when running Windows 7 and even lower if the system is running on a hard drive rather than a solid state drive. Meltdown on the other hand doesn't seem to be a concern.

"We (and others in the industry) had learned of this vulnerability under nondisclosure agreement several months ago and immediately began developing engineering mitigations and updating our cloud infrastructure", Microsoft executive Terry Myerson wrote in a blog post.

Intel has said it will issue fixes that won't directly affect performance, and the best thing to do would be to install them as soon as possible.

The magnitude of the Meltdown/Spectre debacle is yet to be truly understood.

The case is different for Windows Server, Microsoft's operating system for servers. These, however, are used as examples of slower drive speeds affecting testing, so don't give a huge insight into the potential performance hit.

Timely adoption of software and firmware patches by consumers and system manufacturers is critical, said Krzanich, adding that transparent and timely sharing of performance data by hardware and software developers is essential to rapid progress. Systems using AMD Opteron, Athlon or Turion X2 Ultra CPUs should gain access to the patch once again next week.

Of course, there was only one little problem with this fix: The first Microsoft Windows 10 patch bricked some PCs running older AMD processors.

Processor maker AMD on Thursday backtracked on its claims that its processors had "near zero risk" to the Spectre security flaw with a more comprehensive statement acknowledging that it will issue microcode and OS patch updates to protect customers. However, you understand and agree that at the time of any transaction that you make, one or more contributors may have a position in the securities written about.

"End-users should continue to apply updates recommended by their system and operating system providers", he said.

Variation 2 (Branch Target Injection or Spectre), which is harder to exploit, is being addressed through optional microcode updates for Ryzen and EPYC processors starting this week.