Call Us!
Sales: (604) 239-4283
|
Get Support
|
info@compunet.ca
IT Support For Vancouver Law Firms IT Services For Vancouver Law Firms Vancouver Legal IT Services
  • Managed It Services
  • Cybersecurity
  • Cloud Solutions
Close
Legal IT Support in Vancouver
  • Architecture
    • IT Management
    • Cloud Solutions
    • Software Support
    • Cybersecurity Solutions
  • Law Firms
    • Technology Management
    • Digital Transformation
    • Software Support
    • Cloud Services
    • IT Security
    • Cybersecurity Management
    • Ransomware Prevention
  • Accounting
    • Managed IT Services
    • Cloud Services
    • Ransomware Removal
    • Ransomware Protection
  • Engineering
    • Managed IT
    • Cloud
    • IT Security
    • Ransomware Removal
  • Cybersecurity Services
    • Microsoft MFA
    • Microsoft 365 Secure
    • Microsoft Office Protect
    • Network Security
    • Endpoint Protection
    • Dark Web Protection
  • About Us
    • How We Work
    • Why Choose Us
    • Case Studies
    • Our Blog
    • Is This You?
    • Five-Star Feedback
    • Careers
    • Referral Program
  • Where We Serve
    • Greater Vancouver
    • Burnaby
    • Langley
    • Surrey
    • North Vancouver
    • New Westminster
  • Contact Us
    105-135 East 15th Street
    North Vancouver, BC V7L 2P7
    (604) 986-8170 info@compunet.ca
    Get Support

Billions of Computer Devices Won’t Get Intel’s Spectre Fix

17 Product Groups Named-Their Production Halted and Update Support Ended After Irrefutable Evidence Uncovered Flaw in Intel Chips. The information about the Spectre attacks came to light back in January 2018. Intel and other technology firms and vendors were made aware of research findings by Paul Kocher from Spectreattack.com and Jann Horn from Google Project […]

Start A Conversation

17 Product Groups Named-Their Production Halted and Update Support Ended After Irrefutable Evidence Uncovered Flaw in Intel Chips.

Intel Processors

The information about the Spectre attacks came to light back in January 2018. Intel and other technology firms and vendors were made aware of research findings by Paul Kocher from Spectreattack.com and Jann Horn from Google Project Zero.

Paul’s collaboration team regarding the chip flaw and the notorious Spectre Attacks were:

  • Daniel Genkin (the University of Pennsylvania and University of Maryland)
  • Mike Hamburg (Rambus)
  • Moritz Lipp (Graz University of Technology)
  • Yuval Yarom (University of Adelaide and Data61)

The research findings from Paul Kocher’s team and Jann Horn supported what the U.S. Department of Commerce’s agency, NIST (National Institute of Standards and Technology) found. At NIST’s, National Vulnerability Database website is the research published on January 4, 2018.

Take note of these excerpts, the indirect branch prediction and branch prediction in both announcements:

CVE-2017-5715

Current Description: “Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.”

CVE-2017-5753

Current Description: “Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.”

After the findings arrived, on January 3, 2018, Intel responds to Paul and Jann’s security research findings with this disbelieving statement: “Intel believes these exploits do not have the potential to corrupt, modify or delete data.”

With the proof in front of them, Intel believed the research reports were flawed and incorrect. The idea of these acts caused by a “bug”, or a “flaw” was not possible. Their explanation was, “there are many types of computing devices, using different vendor’s operating systems and processors. All are at risk of being exploited.”

But Paul’s team exploited speculative execution and had solid proof.

They experimented on multiple x86 processor architectures. They used the Intel Ivy Bridge (i7-3630QM). The Intel Haswell (i7-4650U). The Intel Skylake (unspecified Xeon on Google Cloud) and finally an AMD Ryzen processor.

In every test, the team observed the Spectre vulnerability across all of these CPUs. Similar results on both 32- and 64-bit modes, and both Linux and Windows. Some ARM processors also support speculative execution, and the initial testing confirmed, ARM processors could not pass the test.

When they attacked using native code, they were able to read the entire victim’s memory address space, including the secrets stored within it, with ease.

When they attacked using Java code, they successfully read data from the address space of the browser process running it, with zero effort.

The research evidence was irrefutable.

Their results showed there was a flaw in Intel chips.

A day later, January 4, 2018, Intel issues updates to protect systems from security exploits. They released this statement: “Intel has developed and is rapidly issuing updates for all types of Intel-based computer systems — including personal computers and servers — that render those systems immune from both exploits (referred to as “Spectre” and “Meltdown”) reported by Google Project Zero.”

Three months later on April 2, 2018, Intel’s Microcode Revision Guidance is released and what’s inside exposed the truth. In this 19-page pdf document, you will find 17 product groups listed, (color-coded in red), productions halted, and update support has ended.

Looking through the guide, you will find the columns listed by Product Names, Public Name, CPUID, Platform ID, Production Status, Pre-Mitigation Production MCU, STOP deploying these MCU revs, and New Production MCU Rev.

The pages with the discontinued products are below:

  • Page 4: Bloomfield and Bloomfield Xeon
  • Page 7: Clarksfield
  • Page 8: Gulftown and Harpertown Xeon CO & EO
  • Page 11: Jasper Forest
  • Page 12: Penryn/QC
  • Page 15: SoFIA 3GR
  • Page 16: Wolfdale CO, MO, EO & RO, Wolfdale Xeon CO & EO
  • Page 17: Yorkfield & Yorkfield Xeon

When you review the columns, you will see one labeled STOP deploying these MCU revs. Intel’s definition for this column is as follows:

  • Intel recommends discontinuing using these select versions of MCU that were previously released with mitigations for Variant 2 (Spectre) due to system stability issues.

Intel also states in their Microcode Revision Guidance Legend:

  • “After a comprehensive investigation of the microarchitectures and microcode capabilities for these products, Intel has determined to not release”
  • “Microcode updates for these products for one or more reasons including, but not limited to the following:”
  • “Micro-architectural characteristics that preclude a practical implementation of features mitigating Variant 2 (CVE-2017-5715)”
  • “Limited Commercially Available System Software support.”
  • “Based on customer inputs, most of these products are implemented as “closed systems” and therefore are expected to have a lower likelihood of exposure to these vulnerabilities.”

As you can see, Intel’s exhaustive investigation could not discredit Paul, Jann and NIST’s research and proof. Intel decided, due to microarchitectures and microcode capabilities, for the specific products listed, not to move forward and release microcode updates for these products.

If you own a PC, Mac, or Cell phone, a Spectre attack can affect your device. If you use Cloud Services, your provider’s infrastructure may be vulnerable to a Spectre attack and theft of customer’s data. If your device uses any of Intel’s older microprocessors, you may be shopping around for a new machine.

Schedule Your No Obligation Initial Consultation Now

Complete this short form and schedule your no obligation 10-minute introductory phone call with Compunet Information. A member of our team will reach out immediately.

Latest Blog Posts

Should Your Vancouver Law Firm Marie Kondo Its Data?
Should Your Vancouver Law Firm Marie Kondo Its Data?
Read More
KeePass Security Exploit
KeePass Security Exploit
Read More
What is the Canadian Equivalent of HIPAA?
What is the Canadian Equivalent of HIPAA?
Read More
Read The Compunet Blog

Architecture

  • IT Management
  • Cloud Solutions
  • Software Support
  • Cybersecurity Solutions

Legal

  • Technology Management
  • Digital Transformation
  • Software Support
  • Cloud Services
  • IT Security
  • Cybersecurity Management
  • Ransomware Prevention

Accounting

  • Managed IT Services
  • Cloud Services
  • Ransomware Removal
  • Ransomware Protection

Engineering

  • Managed IT
  • Cloud
  • IT Security
  • Ransomware Removal

Cybersecurity Services

  • Microsoft MFA
  • Microsoft 365 Secure
  • Microsoft Office Protect
  • Network Security
  • Endpoint Protection
  • Dark Web Protection
Compunet infonech

Compunet InfoTech offers Managed IT Support & Hosted IT Services For Vancouver & Surrounding Areas. Serving Vancouver, Burnaby, Richmond, Surrey, Coquitlam and New Westminster.

105-135 East 15th Street
North Vancouver, BC V7L 2P7

(604) 986-8170
info@compunet.ca

  • About Us
  • Why Choose Us?
  • Media Center
  • Vancouver IT Consulting News
  • Testimonials
  • Greater Vancouver
  • Burnaby
  • North Vancouver
  • Langley
  • Surrey
  • New Westminster

© 2023 Compunet InfoTech. All Rights Reserved.

Sitemap | Privacy Policy | Website Accessibility
Attention North Vancouver Businesses: Are You Worried About Your IT Services Provider?

Get A Free Second Opinion Today from Compunet.

Our comprehensive assessment includes:

  • A thorough analysis of your current IT company’s performance
  • A customized action plan to tackle all operational issues
  • A detailed budget and project plan for seamless execution

Don’t let IT issues hold back your business. Gain the clarity you need to get your IT on the right track. With our no-obligation, risk-free assessment, you have nothing to lose. Contact Compunet now.

Interested?
Schedule Your Initial Consultation with Compunet Today.

Schedule Your Initial Consultation With The Compunet Team.

Fill in your information below to get started today.