Is your intel processor weak to mds vulnerabilities?

In recent days, Intel's mailbox has been practically on fire. Serious security flaws have been discovered in their processors and the community is upside down to see how they will fix it. But what does it matter to us users? Today we are going to explain how it affects you and what to do to detect if your Intel CPU is weak to MDS vulnerabilities.

In this article we will briefly study what these famous vulnerabilities are and why you should care about their existence. We will review a bit of how to discover them and how they affect your computer and, finally, we will see how to know if you are in good condition or if danger is lurking.

MDS vulnerabilities: Intel in check

Intel has done it again. If you come from the near future, this is possibly part of the history of computing and you remember it all as a bump in the history of the blue team. However, for those who suffer today, we are in suspense to know how to solve it.

MDS vulnerabilities: RIDL

As we've already covered in the news, Intel processors are under scrutiny as a group of researchers have uncovered a number of serious problems. These processor failures are the so-called 'MDS vulnerabilities' ( Micro-architectural Data Sampling or Micro-architectural Data Sampling in Spanish ).

The four flaws under this name take advantage of speculative execution that Intel installed almost a decade ago in its processors, although today it seems that this is playing against them. The MDS vulnerabilities are:

1. CVE-2018-12126 Micro-architectural Store Buffer Data Sampling (MSBDS) CVE-2018-12130 Micro-architectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12127 Micro-architectural Load Port Data Sampling (MLPDS) CVE-2019-11091 Micro-architectural Data Sampling Achacable Memora (SUMID)

As expected, Intel is moving land and sea to fix these problems and we still do not know how it will affect the plan sheet that the company had for the coming years. Surely, they will have to change the design of the architectures of the future processors and fight again for the trust of the users.

Understanding vulnerabilities

These vulnerabilities exploit the flaws of what we know as the 'speculative execution' of Intel processors. Broadly speaking, we could say that this functionality causes the processor to work with data whose reliability is unknown, making it a way to exploit the system.

In essence, these attacks take advantage of the processor's memory buffers or even data threads in order to reach sensitive information (passwords, connections, personal information…). You can learn more about the problem of MDS vulnerabilities in this Red Hat Videos video. The explanation is very visual and explanatory:

The Californian company introduced these "improvements" in 2011 and, according to some sources, the processors created since that year may have been suffering from such attacks without even realizing it.

It is possible that this is one of the worst crises that the company has suffered, since they have even recommended to completely turn off Hyper-Threading or Multi-Thread in their processors. If you think it is not very serious, since they are patching the flaws, you should not be so confident. The core of the problem is that these vulnerabilities are caused by how the Intel architecture is created, so it cannot be fixed, only avoided.

How do I combat MDS vulnerabilities

As we have commented in the previous section, MDS vulnerabilities are flaws in the Intel architecture, so users cannot solve it. Even buying a new Intel processor we would also be under the same danger, so everything falls on what companies do.

Types of MDS vulnerabilities: ZombieLoad, RIDL and Fallout

For example, Intel recommends turning Multi-Thread off and is patching it little by little to protect its processors. On the other hand, companies like Apple, Google or Microsoft have shielded their applications and Operating Systems to combat these attacks.

If you are an AMD user, you do not have to worry, since the company has stated that its architecture is immune to MDS vulnerabilities . However, we do not rule out that AMD suffers from its own architectural flaws that have not yet been discovered, so you should always be aware of the latest news about the medium.

The best thing you, as a user, can do is stay well informed on the latest news and check for software and firmware updates. Since this is a large-scale issue, updates will arrive progressively starting with the newest and most relevant processors. If you have an older processor, it will probably take several days, but don't worry, they will arrive.

In dead time, we recommend using the MDS Tool application to see if your processor is vulnerable and to check, after an update, if it has been fixed. It must be emphasized that the patches solve some problems with new micro-code, but they are not changes without repercussion. In other news we showed the benchmarks of various processors where the performance reduction was from minimal, to drops of 20% in performance.

The MDS Tool

To be aware of the state of your computer, we recommend using this program, which was recently updated to also cover MDS vulnerabilities . This tool takes the information from your processor and RAM memory and performs a diagnosis to check what the system is exposed to. The program works for both Windows and Linux .

After installation, it will leave a compressed zip file with two executables, one for 32-bit processors and one for 64-bit . To know the bits of your processor you can open the file explorer, right click on 'Computer' and click properties. A window will appear with the basic characteristics of the system, including the processor bits.

WE RECOMMEND YOU Intel x86 hybrid, a PC processor with big.LITTLE design

Instructions to know the bits of your processor

After doing this, we will have to start the executable corresponding to the bits we have in the processor and a window will open with information about the possible weaknesses we have. In the final section we can see if our team is already safe from MDS vulnerabilities or is still under threat.

Here is an example of a teammate's processor before and after the last Windows update:

i5-6600k before updates

i5-6600k after updates

As we can see, the processor is exposed to different vulnerabilities and with the firmware update one of them has been solved. However, since it is a multi-generation old processor, it is not at the top of the patch schedule over MDS vulnerabilities.

Intel's future

We are crossing right now one of the most committed moments of the Californian company. Last year Specter and Meltdown were already discovered and just a year later we suffered more problems, this time from the architecture itself.

With Intel's future 10nm generation, we sense these issues will fade, but that's not exactly good news for the company. With such a serious and profound problem, it will mean that until we switch to a new architecture we will not be safe and, to be sure, we will not be able to harness the full potential of the processors.

We recommend reading the best processors.

Of course, the move that Intel took advantage of a few years ago was not cheap. And unsurprisingly, many people have already lost confidence in Intel and, along with the Ryzen 3000 announcement just around the corner, they are considering giving AMD a vote of confidence.

In the coming weeks we will be especially vigilant to sources and will report any relevant information about MDS vulnerabilities . Stay on top of the news to find out first-hand what to do when your team is in danger.

What do you think of Intel right now? Will you continue to buy brand name processors? Tell us below your ideas. And Remember that Computex 2019 is about to start, do not miss a single news.

RedesZonesExtremeTech Source