Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

7/13/2018
01:20 PM
Connect Directly
Twitter
RSS
E-Mail

8 Big Processor Vulnerabilities in 2018

Security researchers have been working in overdrive examining processors for issues - and they haven't come up empty-handed.
3 of 9

BranchScope
The initial announcement of Spectre and Meltdown captured the imagination of security researchers and sparked a long line of related examinations. One of the first related discoveries to bear fruit was BranchScope, which was announced in March. Discovered by researchers from the College of William and Mary, Carnegie Mellon, the University of California Riverside, and Binghamton University, this one was also discovered in the speculative execution feature. In BranchScope's case, researchers found a flaw in what is called a Branch Target Buffer within Intel processors. They showed how this feature leaks information based on previous command-execution decisions made by the processor's branch predictor. 
Image Source: Adobe Stock (beebright)

BranchScope

The initial announcement of Spectre and Meltdown captured the imagination of security researchers and sparked a long line of related examinations. One of the first related discoveries to bear fruit was BranchScope, which was announced in March. Discovered by researchers from the College of William and Mary, Carnegie Mellon, the University of California Riverside, and Binghamton University, this one was also discovered in the speculative execution feature. In BranchScope's case, researchers found a flaw in what is called a Branch Target Buffer within Intel processors. They showed how this feature leaks information based on previous command-execution decisions made by the processor's branch predictor.

Image Source: Adobe Stock (beebright)

3 of 9
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
tomas.honzak@gooddata.com
100%
0%
[email protected],
User Rank: Author
7/17/2018 | 3:02:32 PM
Excellent overview -- but does it end here?
Nicely summarized the evolution of the biggest hardware-level nightmare of 2018 (I hope I don't have to include "so far"...) 

After spending a good part of this year watching our infrastructure engineers and security experts trying to come up with a solid mitigation plan that would not kill our SaaS platform immediately and seeing how our response strategy had to change more than a dozen times as the new and updated kernel patches and CPU microcodes were published and recalled, and new and updated attack vectors and vulnerabilities were discovered, it became literally impossible to keep track of our overall exposure and risks.

Not to mention our enterprise customers, who tried so hard to keep track on our patching progress for the first three months of the year, after which they gave up as the development of this crisis turned into an unmanageable nightmare.

In the end, similarly to how the industry seems to be getting used to the fact that data breaches are the new reality and the overwhelming amount of new incidents does not come out as a surprise anymore, we need to accept that the complexity of today's CPUs, together with the fact that the primary focus of the manufacturers was, is and will be the performance, means that there might be many additional hw-level security flaws to be discovered over the next months and years.

To me, the takeaway is very simple: security and privacy are ongoing end to end process and rather than relying on particular technology or safeguard, we need to continue looking on risks and mitigate them on all the levels, starting by collecting just the minimal data needed - and ending by continuously improving the layered security.
Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29623
PUBLISHED: 2021-05-13
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A read of uninitialized memory was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying th...
CVE-2021-32917
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth.
CVE-2021-32918
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via memory exhaustion when running under Lua 5.2 or Lua 5.3.
CVE-2021-32919
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another serv...
CVE-2021-32920
PUBLISHED: 2021-05-13
Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests.