Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Pickles - Lord of the Jar

AdoredTV: Intel CPU vulnerability might be able to kill CPUs and crash systems

Recommended Posts

Posted · Original PosterOP

 

Quote

 

I want to preface this article with some important words. We publish hardware leaks when we’re about 99% confident that our sources have given us good information. The information in this exclusive, given its severe nature, demands 100% confidence, a level of confidence which we have. We also don’t take pleasure in publishing this information, but we have good reason to.
 

We were informed recently of a hardware vulnerability that is present in current generation Intel chips, and likely goes back as far as the 6th generation, and we’ve seen indications that even the 4th and 5th generations could be affected. It’s similar to Plundervolt but it’s not a security vulnerability per se. For those unfamiliar, Plundervolt is a security vulnerability caused by lowering the voltage in an Intel CPU low enough to compromise the SGX security system. This new vulnerability also concerns changing the voltage, but for an ends purely within hardware.
 

By running a simple program that doesn’t even need to be installed or by installing a driver, one can increase or decrease the CPU voltage by as much as half a volt. Now, it does require elevated to admin level permissions (at least in Windows) for this to work, but it works against both locked and unlocked CPUs and can persist through a reboot by using a signed driver, which would not prompt UAC at all. The driver method is particularly worrisome because it bypasses UAC after the initial installation (which does actually prompt UAC), unlike the method in which one just runs a program...


Technically, an extra half volt isn’t even a limit. By fluctuating the voltage of a CPU at incredible speed, the VRM (or voltage regulator module) could accidentally overshoot the intended amount of voltage by a fair bit. This will be more effective on cheaper, lower quality motherboards than higher quality boards because a better VRM will be designed to overshoot less frequently and stick closer to the intended target. We’re not sure if this is an effective technique for damaging or killing CPUs (we don’t have a ton of experience with that), but anything that further increases the voltage is not good news.

 

 

Well, this was unexpected. An unexpected problem related to plundervolt vulnerability, but you require admin privileges, however that is not a silver bullet. This isn't the worst thing ever, but still bad. Apparently it is already patched. So that is good. However, some manufactures have removed the the patch... So, that is a bit odd...

Also, keep in mind this would require a firmware patch. A lot of devices may not have it. If someone wants to be a real butt, they can really break a bunch of systems. The destructive potential of this bug is impressive. 

The below video does go more in detail in first part. 

Spoiler

 


Source

 


Be sure to @Pickles - Lord of the Jar if you want me to see your reply!
For years I have lived in these crystal lands. My people were once plentiful. Many of those in my fiefdom revered me. However, one day a calamity hit. The fingers of the devil plucked us from our land, never to return. Now I am the sole heir to the throne. I am Pickles, Lord of the Brine, One of the Jar, Man of Preserves and Last of the Condiments. 

"Everyone is an expert in something. Never approach an interaction thinking someone is otherwise. Knowledge is acquired not earned. Always be humble and wise. Never look down on others for simply being ignorant within your realm of your expertise." ~ Unknown

Stopping by to praise the all mighty jar Lord pickles... * drinks from a chalice of holy pickle juice and tossed dill over shoulder* ~ @WarDance
3600x | NH-D15 Chromax Black | 32GB 3200MHz | GTX 1070 Hybrid (2100c/2241m) | Gigabyte X570 Aorus Elite | Seasonic X760w | Phanteks Evolv X | 500GB WD_Black SN750 | Sandisk Skyhawk 3.84TB SSD | 4TB HDD 

Link to post
Share on other sites

To be entirely honest, this doesn't seem like that big of an issue if you don't run any random program you find online on your PC.


CPU: Intel Core i7-5820K | Motherboard: AsRock X99 Extreme4 | Graphics Card: Gigabyte GTX 1080 G1 Gaming | RAM: 16GB G.Skill Ripjaws4 2133MHz | Storage: 1 x Samsung 860 EVO 1TB | 1 x WD Green 2TB | 1 x WD Blue 500GB | PSU: Corsair RM750x | Case: Phanteks Enthoo Pro (White) | Cooling: Arctic Freezer i32

 

Mice: Logitech G Pro Wireless (main), Razer Viper Ultimate, Zowie S1 Divina Blue, Zowie FK1-B Divina Blue, Logitech G Pro (3366 sensor), Glorious Model O, Razer Viper Mini, Logitech G305, Logitech G502, Logitech G402

Link to post
Share on other sites
3 minutes ago, Pickles - Lord of the Jar said:

We’re not sure if this is an effective technique for damaging or killing CPUs

This bit here and the title of this thread don't agree. They're saying they have no proof that this can actually be used to damage or kill CPUs, they're only guessing at this point.


Hand, n. A singular instrument worn at the end of the human arm and commonly thrust into somebody’s pocket.

Link to post
Share on other sites
Posted (edited)
17 minutes ago, Pickles - Lord of the Jar said:

just in case. also need a public source that's not obfuscated like how adored's presenting the piece

 

Quote

AdoredTV:
We sent an email to Intel’s PR people about this issue and we did get a reply, but it was just a request for more information on who exactly told us about this vulnerability and what it is called (which was impossible to fulfill because it has no official name). No official comment, sadly. But surely their security team is working hard at this moment trying to figure out what exactly is going on.

 

Edited by VegetableStu
Link to post
Share on other sites
Posted · Original PosterOP
8 minutes ago, VegetableStu said:

just in case. also need a public source that's not obfuscated like how it's being presented now

 

 

Updated


Be sure to @Pickles - Lord of the Jar if you want me to see your reply!
For years I have lived in these crystal lands. My people were once plentiful. Many of those in my fiefdom revered me. However, one day a calamity hit. The fingers of the devil plucked us from our land, never to return. Now I am the sole heir to the throne. I am Pickles, Lord of the Brine, One of the Jar, Man of Preserves and Last of the Condiments. 

"Everyone is an expert in something. Never approach an interaction thinking someone is otherwise. Knowledge is acquired not earned. Always be humble and wise. Never look down on others for simply being ignorant within your realm of your expertise." ~ Unknown

Stopping by to praise the all mighty jar Lord pickles... * drinks from a chalice of holy pickle juice and tossed dill over shoulder* ~ @WarDance
3600x | NH-D15 Chromax Black | 32GB 3200MHz | GTX 1070 Hybrid (2100c/2241m) | Gigabyte X570 Aorus Elite | Seasonic X760w | Phanteks Evolv X | 500GB WD_Black SN750 | Sandisk Skyhawk 3.84TB SSD | 4TB HDD 

Link to post
Share on other sites
Posted · Original PosterOP
4 minutes ago, JoostinOnline said:

It's not exclusive if you copied it from somewhere else.

I added clarity for where it came from in the title. 


Be sure to @Pickles - Lord of the Jar if you want me to see your reply!
For years I have lived in these crystal lands. My people were once plentiful. Many of those in my fiefdom revered me. However, one day a calamity hit. The fingers of the devil plucked us from our land, never to return. Now I am the sole heir to the throne. I am Pickles, Lord of the Brine, One of the Jar, Man of Preserves and Last of the Condiments. 

"Everyone is an expert in something. Never approach an interaction thinking someone is otherwise. Knowledge is acquired not earned. Always be humble and wise. Never look down on others for simply being ignorant within your realm of your expertise." ~ Unknown

Stopping by to praise the all mighty jar Lord pickles... * drinks from a chalice of holy pickle juice and tossed dill over shoulder* ~ @WarDance
3600x | NH-D15 Chromax Black | 32GB 3200MHz | GTX 1070 Hybrid (2100c/2241m) | Gigabyte X570 Aorus Elite | Seasonic X760w | Phanteks Evolv X | 500GB WD_Black SN750 | Sandisk Skyhawk 3.84TB SSD | 4TB HDD 

Link to post
Share on other sites
4 minutes ago, VegetableStu said:

just in case. also need a public source that's not obfuscated like how it's being presented now

 

 

Can we not turn this into "oh, look another article by unreliable source"

 

A 1 minute search on google brings up this:

https://techxplore.com/news/2019-12-plundervolt-mess-intel-cpus.html

Quote

Regarding Dec. 10, elsewhere on Intel, Jerry Bryant, director of security communication in the Intel Platform Assurance and Security group, had this to say in a "Technology at Intel" blog of Dec. 10:

"When SGX is enabled on a system, a privileged user may be able to mount an attack through the control of CPU voltage settings with the potential to impact the confidentiality and integrity of software assets. Intel has worked with system vendors to develop a microcode update that mitigates the issue by locking voltage to the default settings."

So even if this is possible, it's only going to be possible on systems that have not been patched, like first-gen Skylake systems since these are currently being cycled out by businesses and may get dumped into secondary sales markets (eg eBay.)

 

https://community.intel.com/t5/Processors/Coffee-Lake-Plundervolt-and-the-new-CA-microcode-performance/td-p/725006

Quote

The new CA microcode released to fix Plundervolt is the worst microcode to date yet. I cannot speak for all CPUs, but for my 8700K and the people that were able to confirm the findings. So, the issues:

 

  • Uncore/Ring was changed from 44x (max) to 43x, why?
  • performance dropped in most benchmarks quite dramatically. In Cinebench R15 there's about a 5% perf drop at stock (1455 vs 1405 after CA microcode). Other benchmarks are also affected, Cinebench R20 as well.
  • the performance drop remains when the CPU is overclocked, 1672 CB before, 1620 CB after CA microcode, for 5GHz OC.

 

I thought this was supposed to fix a SGX related vulnerability, yet turning off SGX completely in BIOS does nothing to alleviate these issue.

There is no way to turn this vulnerability patch off either, like it was the case with the Spectre/Meltdown fixes - other than reverting to older firmware and being stuck with older Intel RST/Intel MEI EFi modules.

So OEM's that have released microcode updates, have resulted in performance losses.

 

These affect every CPU from 6th gen to 10th gen Intel core, and Xeon's built on the same tech.

 

So on one hand, if the microcode update is applied you lose some OC ability, on the other hand if you don't update the bios, there's potential to damage the CPU in theory.

 

In practice, only the worst OEM's don't release BIOS updates, and with the exception of the Ryzen issue on some OEM's that cheaped out on the BIOS flash memory, there's no reason to run old versions of BIOS's anyway. So any OEM system (eg Dell, HP) released since Jan 2020 would have patched this already, even if the SGX driver was not installed.

 

Link to post
Share on other sites
3 minutes ago, Kisai said:

Can we not turn this into "oh, look another article by unreliable source"

considering it's "the only source" right now, is that not the right request to make?

Link to post
Share on other sites
1 minute ago, VegetableStu said:

considering it's "the only source" right now, is that not the right request to make?

Not when it turns every thread into pages of "is this source reliable". If you know you're posting from a unreliable source, maybe don't post it at all if there's no secondary sources.

Link to post
Share on other sites
33 minutes ago, PCGuy_5960 said:

To be entirely honest, this doesn't seem like that big of an issue if you don't run any random program you find online on your PC.

I think the problem is the amount of programs requiring that level of access. Not to mention companies expecting you to run obscure software with the deepest of access just to play a game. Now, that's an issue in general, it doesn't relate to any particular hardware vulnerability. I'm just saying it's hard to assess its exact importance when you depend on so many people keeping their programs safe, since they run with privileges on your PC.

 

I have not listened to the video yet, but so far I don't understand the description: software controls for power saving, and motherboard-bundled software for overclocking in Windows have been a thing since forever. Their existence require some form of driver-based, or driver-like, interaction (?) with the CPU and VRMs. So my question is, is there anything here beyond "a malicious version of A-Tuning or XTU could set your voltage too low, too high, or change it too fast"? In which way would that be model-specific? 🤷‍♂️

Link to post
Share on other sites

I wonder if using manual voltage mode blocks it. Plundervolt works (I suspect) by exploiting VID control, while manual voltage makes the board ignore VID completely. However I didnt look into whether Intel XTU can change voltage when the board's set to manual voltage mode, if it could then the exploit could go further.


CPU: i7-2600K 4751MHz 1.44V (software) --> 1.47V at the back of the socket Motherboard: Asrock Z77 Extreme4 (BCLK: 103.3MHz) CPU Cooler: Noctua NH-D15 RAM: Adata XPG 2x8GB DDR3 (XMP: 2133MHz 10-11-11-30 CR2, custom: 2203MHz 10-11-10-26 CR1 tRFC:230 tREFI:14000) GPU: Asus GTX 1070 Dual (Super Jetstream vbios, +70(2025-2088MHz)/+400(8.8Gbps)) SSD: Samsung 840 Pro 256GB (main boot drive), Transcend SSD370 128GB PSU: Seasonic X-660 80+ Gold Case: Antec P110 Silent, 5 intakes 1 exhaust Monitor: AOC G2460PF 1080p 144Hz (150Hz max w/ DP, 121Hz max w/ HDMI) TN panel Keyboard: Logitech G610 Orion (Cherry MX Blue) with SteelSeries Apex M260 keycaps Mouse: BenQ Zowie FK1

 

Model: HP Omen 17 17-an110ca CPU: i7-8750H (0.125V core & cache, 50mV SA undervolt) GPU: GTX 1060 6GB Mobile (+80/+450, 1650MHz~1750MHz 0.78V~0.85V) RAM: 8+8GB DDR4-2400 18-17-17-39 2T Storage: 1TB HP EX920 PCIe x4 M.2 SSD + 1TB Seagate 7200RPM 2.5" HDD (ST1000LM049-2GH172), 128GB Toshiba PCIe x2 M.2 SSD (KBG30ZMV128G) gone cooking externally Monitor: 1080p 126Hz IPS G-sync

 

Desktop benching:

Cinebench R15 Single thread:168 Multi-thread: 833 

SuperPi (v1.5 from Techpowerup, PI value output) 16K: 0.100s 1M: 8.255s 32M: 7m 45.93s

Link to post
Share on other sites

Was there not an exploit also that was using voltage to send certain exploit code few month's back ?

Link to post
Share on other sites

why did the title change from "EXCLUSIVE: INTEL CPU VULNERABILITY CAN BE USED TO KILL CPUS AND CRASH SYSTEMS " to "AdordedTV" ? 


 

Spoiler
Spoiler

Intel i7 4790K (4.0 GHz) | MSI Z97-GAMING 5 | Corsair Vengeance 8GB DDR3-1866 2x8GB | Asus GeForce GTX 780 Ti DirectCU II OC | Samsung 840 Pro Series 256GB | Corsair RM 850W | Corsair H90 94.0 CFM | Logitech® Wireless Combo MK330 | Cooler Master HAF XM | Dell S2240L 60Hz 21.5 IPS | 

PCPartPicker 

Link to post
Share on other sites
Posted · Original PosterOP
9 minutes ago, Rohith_Kumar_Sp said:

why did the title change from "EXCLUSIVE: INTEL CPU VULNERABILITY CAN BE USED TO KILL CPUS AND CRASH SYSTEMS " to "AdordedTV" ? 

It was bit clickbaity and people were complaininng about where it was coming from. 


Be sure to @Pickles - Lord of the Jar if you want me to see your reply!
For years I have lived in these crystal lands. My people were once plentiful. Many of those in my fiefdom revered me. However, one day a calamity hit. The fingers of the devil plucked us from our land, never to return. Now I am the sole heir to the throne. I am Pickles, Lord of the Brine, One of the Jar, Man of Preserves and Last of the Condiments. 

"Everyone is an expert in something. Never approach an interaction thinking someone is otherwise. Knowledge is acquired not earned. Always be humble and wise. Never look down on others for simply being ignorant within your realm of your expertise." ~ Unknown

Stopping by to praise the all mighty jar Lord pickles... * drinks from a chalice of holy pickle juice and tossed dill over shoulder* ~ @WarDance
3600x | NH-D15 Chromax Black | 32GB 3200MHz | GTX 1070 Hybrid (2100c/2241m) | Gigabyte X570 Aorus Elite | Seasonic X760w | Phanteks Evolv X | 500GB WD_Black SN750 | Sandisk Skyhawk 3.84TB SSD | 4TB HDD 

Link to post
Share on other sites
42 minutes ago, Blademaster91 said:

Considering the source, and them stating they don't know if it can be used to kill a CPU or crash a system, this is just assumptions and speculation.

They only say that because Intel is the one who should answer such thing to the public and their customers especially. Adding half a volt is a really bad idea, we never recommend doing so even when overclocking unless going extreme with cooling 


CPU: i7-2600K 4751MHz 1.44V (software) --> 1.47V at the back of the socket Motherboard: Asrock Z77 Extreme4 (BCLK: 103.3MHz) CPU Cooler: Noctua NH-D15 RAM: Adata XPG 2x8GB DDR3 (XMP: 2133MHz 10-11-11-30 CR2, custom: 2203MHz 10-11-10-26 CR1 tRFC:230 tREFI:14000) GPU: Asus GTX 1070 Dual (Super Jetstream vbios, +70(2025-2088MHz)/+400(8.8Gbps)) SSD: Samsung 840 Pro 256GB (main boot drive), Transcend SSD370 128GB PSU: Seasonic X-660 80+ Gold Case: Antec P110 Silent, 5 intakes 1 exhaust Monitor: AOC G2460PF 1080p 144Hz (150Hz max w/ DP, 121Hz max w/ HDMI) TN panel Keyboard: Logitech G610 Orion (Cherry MX Blue) with SteelSeries Apex M260 keycaps Mouse: BenQ Zowie FK1

 

Model: HP Omen 17 17-an110ca CPU: i7-8750H (0.125V core & cache, 50mV SA undervolt) GPU: GTX 1060 6GB Mobile (+80/+450, 1650MHz~1750MHz 0.78V~0.85V) RAM: 8+8GB DDR4-2400 18-17-17-39 2T Storage: 1TB HP EX920 PCIe x4 M.2 SSD + 1TB Seagate 7200RPM 2.5" HDD (ST1000LM049-2GH172), 128GB Toshiba PCIe x2 M.2 SSD (KBG30ZMV128G) gone cooking externally Monitor: 1080p 126Hz IPS G-sync

 

Desktop benching:

Cinebench R15 Single thread:168 Multi-thread: 833 

SuperPi (v1.5 from Techpowerup, PI value output) 16K: 0.100s 1M: 8.255s 32M: 7m 45.93s

Link to post
Share on other sites
1 hour ago, PCGuy_5960 said:

To be entirely honest, this doesn't seem like that big of an issue if you don't run any random program you find online on your PC.

It's a non-issue because voltage in and of itself is pretty harmless (not factoring in longterm electromigration). Current kills, but most boards have current limitations imposed by default, and you have to go out of your way to remove those. Couple this with the thermal safety mechanisms in-place on all modern processors and you have yourself a complete non-issue.

 

Let's humor the idea that someone does download this program and it does increase their voltage by half a volt. Current limits still in-place, they'll likely spike up to thermal junction temperatures and immediately power down. This shouldn't kill the hardware, though I'd advise against repeatedly doing this unless you want to negatively impact your processors resistance to voltage over time.

 

This sort of reminds me of the time people freaked out over AMD's higher voltages without fully understanding the reasoning behind it, so everyone had assumed that board partners were overvolting processors and "potentially killing them", when it was far from the truth. 

 

If anyone has a way of developing an application with this exploit in-mind, I'd gladly test it for the sake of science.


My (incomplete) memory overclocking guide: 

 

Does memory speed impact gaming performance? Click here to find out!

On 1/2/2017 at 9:32 PM, MageTank said:

Sometimes, we all need a little inspiration.

 

 

 

Link to post
Share on other sites

@MageTank Would you say only people who overclock and have taken down the limits would be at risk? Or are the 'pre-overclocked' settings on most Intel boards dangerous enough?

Link to post
Share on other sites
Posted · Original PosterOP
43 minutes ago, MageTank said:

It's a non-issue because voltage in and of itself is pretty harmless (not factoring in longterm electromigration). Current kills, but most boards have current limitations imposed by default, and you have to go out of your way to remove those. Couple this with the thermal safety mechanisms in-place on all modern processors and you have yourself a complete non-issue.

 

Let's humor the idea that someone does download this program and it does increase their voltage by half a volt. Current limits still in-place, they'll likely spike up to thermal junction temperatures and immediately power down. This shouldn't kill the hardware, though I'd advise against repeatedly doing this unless you want to negatively impact your processors resistance to voltage over time.

 

This sort of reminds me of the time people freaked out over AMD's higher voltages without fully understanding the reasoning behind it, so everyone had assumed that board partners were overvolting processors and "potentially killing them", when it was far from the truth. 

 

If anyone has a way of developing an application with this exploit in-mind, I'd gladly test it for the sake of science.

In the video where they discussed this, they were talking about how someone could incorporate this vulerabuility directly into some malware. Basically take and nuke. There are a lot of places, companies and even people who haven't updated firmware for some of this, so it is possible for people be affected. The fact this bug requires admin access means any number of viruses or anything that finds and escalation could have this implanted in the payload. 


Be sure to @Pickles - Lord of the Jar if you want me to see your reply!
For years I have lived in these crystal lands. My people were once plentiful. Many of those in my fiefdom revered me. However, one day a calamity hit. The fingers of the devil plucked us from our land, never to return. Now I am the sole heir to the throne. I am Pickles, Lord of the Brine, One of the Jar, Man of Preserves and Last of the Condiments. 

"Everyone is an expert in something. Never approach an interaction thinking someone is otherwise. Knowledge is acquired not earned. Always be humble and wise. Never look down on others for simply being ignorant within your realm of your expertise." ~ Unknown

Stopping by to praise the all mighty jar Lord pickles... * drinks from a chalice of holy pickle juice and tossed dill over shoulder* ~ @WarDance
3600x | NH-D15 Chromax Black | 32GB 3200MHz | GTX 1070 Hybrid (2100c/2241m) | Gigabyte X570 Aorus Elite | Seasonic X760w | Phanteks Evolv X | 500GB WD_Black SN750 | Sandisk Skyhawk 3.84TB SSD | 4TB HDD 

Link to post
Share on other sites
36 minutes ago, Loote said:

@MageTank Would you say only people who overclock and have taken down the limits would be at risk? Or are the 'pre-overclocked' settings on most Intel boards dangerous enough?

Potentially, but even that would be a stretch. Most unlocked processors have their turbo limits changed to 4096 (max power limits) but their actual current limitations remain locked. You'd have to manually remove your current limitation or change it to the max value of 255A and most overclockers that I know of do not do this as it's pretty pointless short of LN2, and LN2 overclockers would never be impacted by this as they are extremely picky about their Windows installations in general, with the bare minimum of tasks running in the background. If you did remove the current limit, you could probably run into an issue if current spiked too high, but that would be a potential issue even outside of something like this. Removing current limitations is just a bad idea in general, especially on cheaper boards with sketchy VRM behavior.

 

To help put it into perspective: At safe voltages, it's pretty easy to kill a board/CPU at stock clocks with a removed current limit and some Linpack MKL depending on the quality of the VRM.

 

8 minutes ago, Pickles - Lord of the Jar said:

In the video where they discussed this, they were talking about how someone could incorporate this vulerabuility directly into some malware. Basically take and nuke. There are a lot of places, companies and even people who haven't updated firmware for some of this, so it is possible for people be affected. The fact this bug requires admin access means any number of viruses or anything that finds and escalation could have this implanted in the payload. 

My post made no mention of people not downloading this or falling for it via malware. The point of my post was that the attack itself, the adjustment in voltage, is not that big of a deal due to the design of modern hardware. Adjusting voltage is one thing, but if the exploit cannot adjust current limitations or remove the thermal protections in-place on these processors, then throwing more voltage at a CPU is harmless (short of the aforementioned electromigration/silicon electrical resistance over long exposure).

 

I'd even wager that businesses would be the least impacted by this as most businesses use locked down processors (and some of the 35W T-variant Intel SKU's) with harsher internal power limits. Take it from a man that overclocked the Core i5 6600T back when you could OC locked processors on Z170 ASRock boards: These limits are pretty brutal at stock, lol. Even with perfect thermals, if you pass the 35W limit imposed by the CPU microcode, it would hard throttle the CPU and voltage to get it back in that power envelope. If this exploit is only adjusting voltage, it will fall victim to this same power limitation and end up throttling itself into oblivion. If it can do more than just a simple voltage tweak, then maybe there would be a cause for concern, but nothing explained thus far indicates it can go beyond just voltage.


My (incomplete) memory overclocking guide: 

 

Does memory speed impact gaming performance? Click here to find out!

On 1/2/2017 at 9:32 PM, MageTank said:

Sometimes, we all need a little inspiration.

 

 

 

Link to post
Share on other sites
1 hour ago, MageTank said:

I'd even wager that businesses would be the least impacted by this as most businesses use locked down processors (and some of the 35W T-variant Intel SKU's) with harsher internal power limits. Take it from a man that overclocked the Core i5 6600T back when you could OC locked processors on Z170 ASRock boards: These limits are pretty brutal at stock, lol. Even with perfect thermals, if you pass the 35W limit imposed by the CPU microcode, it would hard throttle the CPU and voltage to get it back in that power envelope. If this exploit is only adjusting voltage, it will fall victim to this same power limitation and end up throttling itself into oblivion. If it can do more than just a simple voltage tweak, then maybe there would be a cause for concern, but nothing explained thus far indicates it can go beyond just voltage.

Seems to me that the worst case, in a system with a mid-2019 bios or even a pre-april 2018 (for meltdown/spectre) bios would be the most vulnerable, and the MB would have to be rather rubbish to allow this behavior, since even boards with OC features would still draw the line somewhere. OEM/ODM/SI systems that use cheaper boards that lack the OC features might not have/expect this behavior.

Link to post
Share on other sites
1 minute ago, Kisai said:

Seems to me that the worst case, in a system with a mid-2019 bios or even a pre-april 2018 (for meltdown/spectre) bios would be the most vulnerable, and the MB would have to be rather rubbish to allow this behavior, since even boards with OC features would still draw the line somewhere. OEM/ODM/SI systems that use cheaper boards that lack the OC features might not have/expect this behavior.

I've had a few Dell XPS 8930's (and now 8940's) in the lab here and they have some pretty harsh current limits in-place by default. The XPS 8930 was likely done out of requirement due to its extremely poor design of having the PSU suffocate the CPU fan, so I suspect that these systems would survive any voltage spikes so long as the actual power/current limits remain. They typically thermal throttle under any real load anyways, so voltage won't matter when the core clock and current is at an all-time low.

 

When people think of voltage, they tend to assume the worst and freak out while forgetting that voltage in and of itself is merely potential. Going back to the AMD voltage analogy I used earlier, running their CPU's at a higher voltage but lower current is pretty harmless and they manage to get away with it quite easily. Even if we want to factor in electromigration or long term impact on electrical resistance, modern process nodes in general have some neat design features that help protect against this to a pretty significant degree. The fact that this rumored exploit could "go as far back as Haswell/Skylake" and yet we've heard no real issues stemming from this means it's probably going to continue being a non-issue. 


My (incomplete) memory overclocking guide: 

 

Does memory speed impact gaming performance? Click here to find out!

On 1/2/2017 at 9:32 PM, MageTank said:

Sometimes, we all need a little inspiration.

 

 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×