ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Major Intel CPU vulnerability

    Scheduled Pinned Locked Moved IT Discussion
    260 Posts 29 Posters 41.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @EddieJennings
      last edited by

      @eddiejennings said in Major Intel CPU vulnerability:

      @dashrender said in Major Intel CPU vulnerability:

      @eddiejennings said in Major Intel CPU vulnerability:

      In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

      I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

      The question then is whether or not the OS patching will be sufficient.

      Depends if it is Intel based or from a more security-minded vendor.

      EddieJenningsE 1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @Dashrender
        last edited by

        @dashrender said in Major Intel CPU vulnerability:

        @eddiejennings said in Major Intel CPU vulnerability:

        @dashrender said in Major Intel CPU vulnerability:

        @eddiejennings said in Major Intel CPU vulnerability:

        In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

        I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

        The question then is whether or not the OS patching will be sufficient.

        While these are some pretty nasty vulnerabilities, I don't currently consider them that horrible. As I understand it (and I leave TONS of room to learn new things about these) you can only be affected if you run untrusted code on your system. Assuming that webpages can't take advantage, this amounts to the same level of issue as a typical virus.

        Assuming hardware vendors don't produce updates for hardware more than say 3 years old - how many here are going to be replacing their machines/devices (don't forget your android phones are affected too - last I heard)?

        In a desktop or laptop case, the risk is tiny compared to the big fear of shared computing environments.

        1 Reply Last reply Reply Quote 1
        • EddieJenningsE
          EddieJennings @scottalanmiller
          last edited by

          @scottalanmiller said in Major Intel CPU vulnerability:

          @eddiejennings said in Major Intel CPU vulnerability:

          @dashrender said in Major Intel CPU vulnerability:

          @eddiejennings said in Major Intel CPU vulnerability:

          In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

          I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

          The question then is whether or not the OS patching will be sufficient.

          Depends if it is Intel based or from a more security-minded vendor.

          All Dell and all Intel.

          scottalanmillerS 1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @Dashrender
            last edited by

            @dashrender said in Major Intel CPU vulnerability:

            ... (don't forget your android phones are affected too - last I heard)?

            The risk is not based on OS, so can't be determined by something like "Android phone." Some Androids are affected, some are not.

            1 Reply Last reply Reply Quote 0
            • scottalanmillerS
              scottalanmiller @EddieJennings
              last edited by

              @eddiejennings said in Major Intel CPU vulnerability:

              @scottalanmiller said in Major Intel CPU vulnerability:

              @eddiejennings said in Major Intel CPU vulnerability:

              @dashrender said in Major Intel CPU vulnerability:

              @eddiejennings said in Major Intel CPU vulnerability:

              In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

              I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

              The question then is whether or not the OS patching will be sufficient.

              Depends if it is Intel based or from a more security-minded vendor.

              All Dell and all Intel.

              Then an OS patch cannot fix it.

              EddieJenningsE 1 Reply Last reply Reply Quote 0
              • EddieJenningsE
                EddieJennings @scottalanmiller
                last edited by

                @scottalanmiller said in Major Intel CPU vulnerability:

                @eddiejennings said in Major Intel CPU vulnerability:

                @scottalanmiller said in Major Intel CPU vulnerability:

                @eddiejennings said in Major Intel CPU vulnerability:

                @dashrender said in Major Intel CPU vulnerability:

                @eddiejennings said in Major Intel CPU vulnerability:

                In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

                I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

                The question then is whether or not the OS patching will be sufficient.

                Depends if it is Intel based or from a more security-minded vendor.

                All Dell and all Intel.

                Then an OS patch cannot fix it.

                While I understand the problem itself is with the chip, aren't the OS patches being released supposed to alter how memory is handled, which doesn't fix, but rather mitigates the problem (and potentially lowers performance)?

                scottalanmillerS 1 Reply Last reply Reply Quote 0
                • ObsolesceO
                  Obsolesce
                  last edited by

                  I want to know how this effects hosts... does just the host need patched, or every VM?

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @Obsolesce
                    last edited by

                    @tim_g said in Major Intel CPU vulnerability:

                    I want to know how this effects hosts... does just the host need patched, or every VM?

                    Every VM.

                    1 Reply Last reply Reply Quote 0
                    • scottalanmillerS
                      scottalanmiller @EddieJennings
                      last edited by

                      @eddiejennings said in Major Intel CPU vulnerability:

                      @scottalanmiller said in Major Intel CPU vulnerability:

                      @eddiejennings said in Major Intel CPU vulnerability:

                      @scottalanmiller said in Major Intel CPU vulnerability:

                      @eddiejennings said in Major Intel CPU vulnerability:

                      @dashrender said in Major Intel CPU vulnerability:

                      @eddiejennings said in Major Intel CPU vulnerability:

                      In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

                      I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

                      The question then is whether or not the OS patching will be sufficient.

                      Depends if it is Intel based or from a more security-minded vendor.

                      All Dell and all Intel.

                      Then an OS patch cannot fix it.

                      While I understand the problem itself is with the chip, aren't the OS patches being released supposed to alter how memory is handled, which doesn't fix, but rather mitigates the problem (and potentially lowers performance)?

                      That handles the one issue, not the other.

                      EddieJenningsE 1 Reply Last reply Reply Quote 0
                      • EddieJenningsE
                        EddieJennings @scottalanmiller
                        last edited by

                        @scottalanmiller said in Major Intel CPU vulnerability:

                        @eddiejennings said in Major Intel CPU vulnerability:

                        @scottalanmiller said in Major Intel CPU vulnerability:

                        @eddiejennings said in Major Intel CPU vulnerability:

                        @scottalanmiller said in Major Intel CPU vulnerability:

                        @eddiejennings said in Major Intel CPU vulnerability:

                        @dashrender said in Major Intel CPU vulnerability:

                        @eddiejennings said in Major Intel CPU vulnerability:

                        In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

                        I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

                        The question then is whether or not the OS patching will be sufficient.

                        Depends if it is Intel based or from a more security-minded vendor.

                        All Dell and all Intel.

                        Then an OS patch cannot fix it.

                        While I understand the problem itself is with the chip, aren't the OS patches being released supposed to alter how memory is handled, which doesn't fix, but rather mitigates the problem (and potentially lowers performance)?

                        That handles the one issue, not the other.

                        The "other" being the chip design flaw itself?

                        scottalanmillerS 1 Reply Last reply Reply Quote 0
                        • scottalanmillerS
                          scottalanmiller @EddieJennings
                          last edited by

                          @eddiejennings said in Major Intel CPU vulnerability:

                          @scottalanmiller said in Major Intel CPU vulnerability:

                          @eddiejennings said in Major Intel CPU vulnerability:

                          @scottalanmiller said in Major Intel CPU vulnerability:

                          @eddiejennings said in Major Intel CPU vulnerability:

                          @scottalanmiller said in Major Intel CPU vulnerability:

                          @eddiejennings said in Major Intel CPU vulnerability:

                          @dashrender said in Major Intel CPU vulnerability:

                          @eddiejennings said in Major Intel CPU vulnerability:

                          In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

                          I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

                          The question then is whether or not the OS patching will be sufficient.

                          Depends if it is Intel based or from a more security-minded vendor.

                          All Dell and all Intel.

                          Then an OS patch cannot fix it.

                          While I understand the problem itself is with the chip, aren't the OS patches being released supposed to alter how memory is handled, which doesn't fix, but rather mitigates the problem (and potentially lowers performance)?

                          That handles the one issue, not the other.

                          The "other" being the chip design flaw itself?

                          Right, the flaw is a literal bug and affects Intel. The broader (but less dangerous) issue is that certain types of processor tasks, mixed together, without being addressed by the OS, create a risk in memory.

                          EddieJenningsE 1 Reply Last reply Reply Quote 0
                          • EddieJenningsE
                            EddieJennings @scottalanmiller
                            last edited by

                            @scottalanmiller said in Major Intel CPU vulnerability:

                            @eddiejennings said in Major Intel CPU vulnerability:

                            @scottalanmiller said in Major Intel CPU vulnerability:

                            @eddiejennings said in Major Intel CPU vulnerability:

                            @scottalanmiller said in Major Intel CPU vulnerability:

                            @eddiejennings said in Major Intel CPU vulnerability:

                            @scottalanmiller said in Major Intel CPU vulnerability:

                            @eddiejennings said in Major Intel CPU vulnerability:

                            @dashrender said in Major Intel CPU vulnerability:

                            @eddiejennings said in Major Intel CPU vulnerability:

                            In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

                            I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

                            The question then is whether or not the OS patching will be sufficient.

                            Depends if it is Intel based or from a more security-minded vendor.

                            All Dell and all Intel.

                            Then an OS patch cannot fix it.

                            While I understand the problem itself is with the chip, aren't the OS patches being released supposed to alter how memory is handled, which doesn't fix, but rather mitigates the problem (and potentially lowers performance)?

                            That handles the one issue, not the other.

                            The "other" being the chip design flaw itself?

                            Right, the flaw is a literal bug and affects Intel. The broader (but less dangerous) issue is that certain types of processor tasks, mixed together, without being addressed by the OS, create a risk in memory.

                            So the true 100% fix is really going to be hardware replacement, unless it can be address by some kind of lower-level flash update of the hardware.

                            scottalanmillerS ObsolesceO 2 Replies Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @EddieJennings
                              last edited by

                              @eddiejennings said in Major Intel CPU vulnerability:

                              @scottalanmiller said in Major Intel CPU vulnerability:

                              @eddiejennings said in Major Intel CPU vulnerability:

                              @scottalanmiller said in Major Intel CPU vulnerability:

                              @eddiejennings said in Major Intel CPU vulnerability:

                              @scottalanmiller said in Major Intel CPU vulnerability:

                              @eddiejennings said in Major Intel CPU vulnerability:

                              @scottalanmiller said in Major Intel CPU vulnerability:

                              @eddiejennings said in Major Intel CPU vulnerability:

                              @dashrender said in Major Intel CPU vulnerability:

                              @eddiejennings said in Major Intel CPU vulnerability:

                              In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

                              I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

                              The question then is whether or not the OS patching will be sufficient.

                              Depends if it is Intel based or from a more security-minded vendor.

                              All Dell and all Intel.

                              Then an OS patch cannot fix it.

                              While I understand the problem itself is with the chip, aren't the OS patches being released supposed to alter how memory is handled, which doesn't fix, but rather mitigates the problem (and potentially lowers performance)?

                              That handles the one issue, not the other.

                              The "other" being the chip design flaw itself?

                              Right, the flaw is a literal bug and affects Intel. The broader (but less dangerous) issue is that certain types of processor tasks, mixed together, without being addressed by the OS, create a risk in memory.

                              So the true 100% fix is really going to be hardware replacement, unless it can be address by some kind of lower-level flash update of the hardware.

                              Intel is providing microcode updates to the hardware.

                              But no question, we should all be questioning the use of Intel hardware in the future. We've always excused their FakeRAID stuff as a one-off misunderstanding of business customers; but this has shown that the same disregard for their customers and lack of proper thinking is much more broad and not limited to that one division.

                              EddieJenningsE black3dynamiteB 2 Replies Last reply Reply Quote 1
                              • ObsolesceO
                                Obsolesce @EddieJennings
                                last edited by

                                @eddiejennings said in Major Intel CPU vulnerability:

                                @scottalanmiller said in Major Intel CPU vulnerability:

                                @eddiejennings said in Major Intel CPU vulnerability:

                                @scottalanmiller said in Major Intel CPU vulnerability:

                                @eddiejennings said in Major Intel CPU vulnerability:

                                @scottalanmiller said in Major Intel CPU vulnerability:

                                @eddiejennings said in Major Intel CPU vulnerability:

                                @scottalanmiller said in Major Intel CPU vulnerability:

                                @eddiejennings said in Major Intel CPU vulnerability:

                                @dashrender said in Major Intel CPU vulnerability:

                                @eddiejennings said in Major Intel CPU vulnerability:

                                In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

                                I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

                                The question then is whether or not the OS patching will be sufficient.

                                Depends if it is Intel based or from a more security-minded vendor.

                                All Dell and all Intel.

                                Then an OS patch cannot fix it.

                                While I understand the problem itself is with the chip, aren't the OS patches being released supposed to alter how memory is handled, which doesn't fix, but rather mitigates the problem (and potentially lowers performance)?

                                That handles the one issue, not the other.

                                The "other" being the chip design flaw itself?

                                Right, the flaw is a literal bug and affects Intel. The broader (but less dangerous) issue is that certain types of processor tasks, mixed together, without being addressed by the OS, create a risk in memory.

                                So the true 100% fix is really going to be hardware replacement, unless it can be address by some kind of lower-level flash update of the hardware.

                                Hardware replacement fixes Meltdown, but not Spectre, as the latter is an issue on almost all systems.

                                1 Reply Last reply Reply Quote 0
                                • EddieJenningsE
                                  EddieJennings @scottalanmiller
                                  last edited by

                                  @scottalanmiller said in Major Intel CPU vulnerability:

                                  Intel is providing microcode updates to the hardware.

                                  And I imagine the way to get it is from your computer's manufacturer, which for your ancient workstations, there probably won't be an update released.

                                  Right now, I'm trying to see if SuperMicro has any kind of update I can apply to our production servers.

                                  1 Reply Last reply Reply Quote 0
                                  • black3dynamiteB
                                    black3dynamite @scottalanmiller
                                    last edited by

                                    @scottalanmiller said in Major Intel CPU vulnerability:

                                    @eddiejennings said in Major Intel CPU vulnerability:

                                    @scottalanmiller said in Major Intel CPU vulnerability:

                                    @eddiejennings said in Major Intel CPU vulnerability:

                                    @scottalanmiller said in Major Intel CPU vulnerability:

                                    @eddiejennings said in Major Intel CPU vulnerability:

                                    @scottalanmiller said in Major Intel CPU vulnerability:

                                    @eddiejennings said in Major Intel CPU vulnerability:

                                    @scottalanmiller said in Major Intel CPU vulnerability:

                                    @eddiejennings said in Major Intel CPU vulnerability:

                                    @dashrender said in Major Intel CPU vulnerability:

                                    @eddiejennings said in Major Intel CPU vulnerability:

                                    In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

                                    I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

                                    The question then is whether or not the OS patching will be sufficient.

                                    Depends if it is Intel based or from a more security-minded vendor.

                                    All Dell and all Intel.

                                    Then an OS patch cannot fix it.

                                    While I understand the problem itself is with the chip, aren't the OS patches being released supposed to alter how memory is handled, which doesn't fix, but rather mitigates the problem (and potentially lowers performance)?

                                    That handles the one issue, not the other.

                                    The "other" being the chip design flaw itself?

                                    Right, the flaw is a literal bug and affects Intel. The broader (but less dangerous) issue is that certain types of processor tasks, mixed together, without being addressed by the OS, create a risk in memory.

                                    So the true 100% fix is really going to be hardware replacement, unless it can be address by some kind of lower-level flash update of the hardware.

                                    Intel is providing microcode updates to the hardware.

                                    But no question, we should all be questioning the use of Intel hardware in the future. We've always excused their FakeRAID stuff as a one-off misunderstanding of business customers; but this has shown that the same disregard for their customers and lack of proper thinking is much more broad and not limited to that one division.

                                    But isn't majority of vendors who sells servers only sell Intel based servers?

                                    scottalanmillerS 1 Reply Last reply Reply Quote 0
                                    • scottalanmillerS
                                      scottalanmiller @black3dynamite
                                      last edited by

                                      @black3dynamite said in Major Intel CPU vulnerability:

                                      @scottalanmiller said in Major Intel CPU vulnerability:

                                      @eddiejennings said in Major Intel CPU vulnerability:

                                      @scottalanmiller said in Major Intel CPU vulnerability:

                                      @eddiejennings said in Major Intel CPU vulnerability:

                                      @scottalanmiller said in Major Intel CPU vulnerability:

                                      @eddiejennings said in Major Intel CPU vulnerability:

                                      @scottalanmiller said in Major Intel CPU vulnerability:

                                      @eddiejennings said in Major Intel CPU vulnerability:

                                      @scottalanmiller said in Major Intel CPU vulnerability:

                                      @eddiejennings said in Major Intel CPU vulnerability:

                                      @dashrender said in Major Intel CPU vulnerability:

                                      @eddiejennings said in Major Intel CPU vulnerability:

                                      In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

                                      I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

                                      The question then is whether or not the OS patching will be sufficient.

                                      Depends if it is Intel based or from a more security-minded vendor.

                                      All Dell and all Intel.

                                      Then an OS patch cannot fix it.

                                      While I understand the problem itself is with the chip, aren't the OS patches being released supposed to alter how memory is handled, which doesn't fix, but rather mitigates the problem (and potentially lowers performance)?

                                      That handles the one issue, not the other.

                                      The "other" being the chip design flaw itself?

                                      Right, the flaw is a literal bug and affects Intel. The broader (but less dangerous) issue is that certain types of processor tasks, mixed together, without being addressed by the OS, create a risk in memory.

                                      So the true 100% fix is really going to be hardware replacement, unless it can be address by some kind of lower-level flash update of the hardware.

                                      Intel is providing microcode updates to the hardware.

                                      But no question, we should all be questioning the use of Intel hardware in the future. We've always excused their FakeRAID stuff as a one-off misunderstanding of business customers; but this has shown that the same disregard for their customers and lack of proper thinking is much more broad and not limited to that one division.

                                      But isn't majority of vendors who sells servers only sell Intel based servers?

                                      No, in fact one of the biggest sells no Intel at all (IBM) and one of the biggest sells it only as a secondary (Oracle.) In fact, AFAIK, the only large vendor without something other than Intel in their lineup, was Dell and Dell changed their tune like eight months ago when AMD brought out their awesome new line of EPYC processors.

                                      There is always options to go without Intel. Intel was just so heavily focused on being tied to Windows licensing that people just kept using it without looking for anything else.

                                      black3dynamiteB 1 Reply Last reply Reply Quote 0
                                      • black3dynamiteB
                                        black3dynamite @scottalanmiller
                                        last edited by black3dynamite

                                        @scottalanmiller said in Major Intel CPU vulnerability:

                                        @black3dynamite said in Major Intel CPU vulnerability:

                                        @scottalanmiller said in Major Intel CPU vulnerability:

                                        @eddiejennings said in Major Intel CPU vulnerability:

                                        @scottalanmiller said in Major Intel CPU vulnerability:

                                        @eddiejennings said in Major Intel CPU vulnerability:

                                        @scottalanmiller said in Major Intel CPU vulnerability:

                                        @eddiejennings said in Major Intel CPU vulnerability:

                                        @scottalanmiller said in Major Intel CPU vulnerability:

                                        @eddiejennings said in Major Intel CPU vulnerability:

                                        @scottalanmiller said in Major Intel CPU vulnerability:

                                        @eddiejennings said in Major Intel CPU vulnerability:

                                        @dashrender said in Major Intel CPU vulnerability:

                                        @eddiejennings said in Major Intel CPU vulnerability:

                                        In addition to OS patches, I assume we ought to be looking for BIOS updates as well, which, with many of our ancient desktops, there will probably be none.

                                        I don't expect any for my 3 year old laptops, let alone my 5-7 year old desktops.

                                        The question then is whether or not the OS patching will be sufficient.

                                        Depends if it is Intel based or from a more security-minded vendor.

                                        All Dell and all Intel.

                                        Then an OS patch cannot fix it.

                                        While I understand the problem itself is with the chip, aren't the OS patches being released supposed to alter how memory is handled, which doesn't fix, but rather mitigates the problem (and potentially lowers performance)?

                                        That handles the one issue, not the other.

                                        The "other" being the chip design flaw itself?

                                        Right, the flaw is a literal bug and affects Intel. The broader (but less dangerous) issue is that certain types of processor tasks, mixed together, without being addressed by the OS, create a risk in memory.

                                        So the true 100% fix is really going to be hardware replacement, unless it can be address by some kind of lower-level flash update of the hardware.

                                        Intel is providing microcode updates to the hardware.

                                        But no question, we should all be questioning the use of Intel hardware in the future. We've always excused their FakeRAID stuff as a one-off misunderstanding of business customers; but this has shown that the same disregard for their customers and lack of proper thinking is much more broad and not limited to that one division.

                                        But isn't majority of vendors who sells servers only sell Intel based servers?

                                        No, in fact one of the biggest sells no Intel at all (IBM) and one of the biggest sells it only as a secondary (Oracle.) In fact, AFAIK, the only large vendor without something other than Intel in their lineup, was Dell and Dell changed their tune like eight months ago when AMD brought out their awesome new line of EPYC processors.

                                        There is always options to go without Intel. Intel was just so heavily focused on being tied to Windows licensing that people just kept using it without looking for anything else.

                                        What about vendors like xByte? They're pretty much a go to vendor for used servers.

                                        scottalanmillerS 1 Reply Last reply Reply Quote 0
                                        • brianlittlejohnB
                                          brianlittlejohn
                                          last edited by

                                          I wish xByte sold SuperMicro as well.

                                          scottalanmillerS 1 Reply Last reply Reply Quote 0
                                          • scottalanmillerS
                                            scottalanmiller @brianlittlejohn
                                            last edited by

                                            @brianlittlejohn said in Major Intel CPU vulnerability:

                                            I wish xByte sold SuperMicro as well.

                                            I've told them that, too.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 12
                                            • 13
                                            • 1 / 13
                                            • First post
                                              Last post