"Without Meltdown and Specter": Intel redesigns its processors
Last week, Intel announced that it continues to work on protection from Meltdown and Specter. In addition to the released software "patches" for existing processors, the company intends to rework subsequent models at the "silicon level."
Details below.
/ photo Intel Free Press CC
')
Intel CEO Brian Krzanich in the middle of the month presented a report on the work done by the company since the discovery of vulnerabilities. According to him, microcode updates for all products released over the past 5 years have already been released.
We are talking about Kaby Lake, Coffee Lake and Skylake platforms, which are 6, 7 and 8th generations of Intel processors, as well as the “family” Core X. The update also affected the recently announced Intel Xeon and Intel Xeon D, intended for use in the data center .
Earlier, Intel has already released software patches (in early January), after the information about Specter and Meltdown was widely publicized in the press. However, updates on many computers led to malfunctions, reboots and BSODs. But later the IT giant released new updates, with which no problems were noticed.
In addition to software updates, the company decided to recycle chips at the “silicon” level. For this, Intel even created a special IPAS group (Intel Product Assurance and Security) led by Leslie S. Culbertson, one of Intel’s long-time top managers. The goal of the group is not only the development of Specter and Meltdown hardware patches, but also the search for solutions to prevent possible threats in the future.
The hardware enhancements will begin with the new Intel Xeon Scalable (codenamed Cascade Lake), as well as the 8th generation of Intel Core processors that will hit the market in the second half of 2018. CEO Brian Krzhanich assures that "work in this direction is a long-term process, which the company takes seriously."
The vulnerability problem affected AMD products only partially - Meltdown “bypassed” AMD. The company released software patches from Specter Variant 1 in the form of updates for the operating system, as well as modifications of the microcode to counter Specter Variant 2. However, according to the company, the updates to AMD were not critical.
Despite this, it was decided to take a number of additional measures. AMD President Lisa Su (Lisa Su) has confirmed that the new Zen 2 architecture will contain a fix at the "silicon level". Exit Zen 2 with 7 nm process technology is expected in 2019.
/ photo Fritzchens Fritz CC
Microsoft recently opened a new bug-bounty program that targets vulnerabilities like Specter and Meltdown in Windows and Azure. The reward for the bug depends on the level of danger found - there are only four of them.
The first level (from 5 to 25 thousand dollars) corresponds to the finding of already known vulnerabilities (such as CVE-2017-5753) in Windows 10 or Microsoft Edge, and the fourth (from 100 to 250 thousand dollars) - the discovery of previously unknown attack vectors. Microsoft suggested searching for vulnerabilities until December 31, 2018.
Intel is also not lagging behind and in March expanded its bug-bounty program. For finding threats like Specter and Meltdown, the corporation will pay from 20 to 250 thousand dollars, depending on the rating of the identified vulnerability CVSS (Common Vulnerability Scoring System). As in the case of Microsoft, the program is active until December 31, 2018.
Details below.
/ photo Intel Free Press CC
')
Software patches for current products
Intel CEO Brian Krzanich in the middle of the month presented a report on the work done by the company since the discovery of vulnerabilities. According to him, microcode updates for all products released over the past 5 years have already been released.
We are talking about Kaby Lake, Coffee Lake and Skylake platforms, which are 6, 7 and 8th generations of Intel processors, as well as the “family” Core X. The update also affected the recently announced Intel Xeon and Intel Xeon D, intended for use in the data center .
Earlier, Intel has already released software patches (in early January), after the information about Specter and Meltdown was widely publicized in the press. However, updates on many computers led to malfunctions, reboots and BSODs. But later the IT giant released new updates, with which no problems were noticed.
Recycling future processor models
In addition to software updates, the company decided to recycle chips at the “silicon” level. For this, Intel even created a special IPAS group (Intel Product Assurance and Security) led by Leslie S. Culbertson, one of Intel’s long-time top managers. The goal of the group is not only the development of Specter and Meltdown hardware patches, but also the search for solutions to prevent possible threats in the future.
The hardware enhancements will begin with the new Intel Xeon Scalable (codenamed Cascade Lake), as well as the 8th generation of Intel Core processors that will hit the market in the second half of 2018. CEO Brian Krzhanich assures that "work in this direction is a long-term process, which the company takes seriously."
What makes AMD
The vulnerability problem affected AMD products only partially - Meltdown “bypassed” AMD. The company released software patches from Specter Variant 1 in the form of updates for the operating system, as well as modifications of the microcode to counter Specter Variant 2. However, according to the company, the updates to AMD were not critical.
Despite this, it was decided to take a number of additional measures. AMD President Lisa Su (Lisa Su) has confirmed that the new Zen 2 architecture will contain a fix at the "silicon level". Exit Zen 2 with 7 nm process technology is expected in 2019.
/ photo Fritzchens Fritz CC
How else are Specter and Meltdown struggling
Microsoft recently opened a new bug-bounty program that targets vulnerabilities like Specter and Meltdown in Windows and Azure. The reward for the bug depends on the level of danger found - there are only four of them.
The first level (from 5 to 25 thousand dollars) corresponds to the finding of already known vulnerabilities (such as CVE-2017-5753) in Windows 10 or Microsoft Edge, and the fourth (from 100 to 250 thousand dollars) - the discovery of previously unknown attack vectors. Microsoft suggested searching for vulnerabilities until December 31, 2018.
Intel is also not lagging behind and in March expanded its bug-bounty program. For finding threats like Specter and Meltdown, the corporation will pay from 20 to 250 thousand dollars, depending on the rating of the identified vulnerability CVSS (Common Vulnerability Scoring System). As in the case of Microsoft, the program is active until December 31, 2018.
Other materials from corporate blog 1cloud:
- Meltdown and Specter: Christmas CPU Vulnerability
- Consider the cloud neblakom: what is common in a virtual environment and "iron"
- Virtual tables and windows: how to "teleport" the workplace
- 4 key cloud security trends
- How to secure a Linux system: 10 tips
- A bit about security in the "cloud": what the provider does
Source: https://habr.com/ru/post/352244/
All Articles