News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • Hyper-Threading & ZombieLoad CPU exploit

    Home Forums Code Red – Security/Privacy advisories Hyper-Threading & ZombieLoad CPU exploit

    Viewing 2 reply threads
    • Author
      • #1629247
        AskWoody Plus

        Evidently the researchers that discovered the “Zombieland” side channel problem suggested turning off Hyper Threading in the affected Intel CPU’s but Intel isn’t pushing for it. Another reason I’m glad I went with AMD for my latest build, since it isn’t affected.

        The easiest fix, the ZombieLoad discoverers said in a document detailing the exploit, is to turn off Hyper-Threading on Intel processors:

        “As ZombieLoad leaks loaded values across logical cores, a straightforward mitigation is disabling the use of Hyper-Threading. Hyper-Threading improves performance for certain workloads by 30 percent to 40 percent.”

        But Intel said that’s not necessarily the only answer for all PC users. In fact, Intel said that it’s really up to each customer to decide what to do. If software cannot be guaranteed to be trusted then yes, maybe you’ll want to disable Hyper-Threading. If your software only comes from the Microsoft Store or your IT department, you could probably leave Hyper-Threading on. For all others, it really depends on how squeamish you are.

        “Because these factors will vary considerably by customer, Intel is not recommending that Intel HT be disabled, and it’s important to understand that doing so does not alone provide protection against MDS,” Intel said in a statement.

        Don't take yourself so seriously, no one else does 🙂
        4 Win 10 Pro at 1909 (3 Desktops, 1 Laptop).

        1 user thanked author for this post.
      • #1630225
        Steve S.
        AskWoody Plus

        I was reading about these issues today. Seems a lot of different research teams independently discovered and worked on these vulnerabilities in a non-disclosure environment for about a year.  Graz University of Technology named them the “ZombieLoad” Attack. VUSec (Vrije University Amsterdam) called two variants “RIDL” and “Fallout”. Intel apparently decided to call them “MDS” attacks.

        One thing of interest to me: Intel says the newer i8 and i9 processors are not vulnerable, while the VUSec team says the i9 is more vulnerable – at least to the Fallout attack.

        And of course, there are now several different logos to go with the different names, lol!   — Graz team    — VUSec team     — Intel’s take on it

        The VUSec site above also has a downloadable program to test one’s system for vulnerabilities per ghacks:

        Win7 Pro x64(Group B), Win10 Pro x64 1909, Win10 Home 1909, Linux Mint + a cat with 'tortitude'.

        • This reply was modified 1 year, 9 months ago by CADesertRat.
        1 user thanked author for this post.
      • #1639034
        AskWoody MVP

        Moonchild’s summary is worth a read:

        TL;DR: If you switch off HT for this on your desktop, you’re being dumb.

        Honestly, it’s something you cannot really exploit in the wild for anything useful.

        Please read the entirety of the article which highlights some important points.

        3 users thanked author for this post.
    Viewing 2 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: Hyper-Threading & ZombieLoad CPU exploit

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.