New CPU vulnerabilities found: Intel's DOWNFALL and AMD's INCEPTION

[ImorallySourcedElectrons]

1 hour ago, Agall said:

Its also supposedly been a known vulnerability for a year, so the OEMs have had time to patch this. Dell basically told me just to have the newest version of firmware and we "should be good".

 

We're not hosting and remotely accessible virtual machines that would otherwise spell issue for this specifically, and my colleague agreed with your previous statement.

 

It's become kind of hard overall to know which exploit is patched out in which version of the software at this point for these sort of things. And especially with all the dramatic names given to them

[Agall]

5 minutes ago, ImorallySourcedElectrons said:

It's become kind of hard overall to know which exploit is patched out in which version of the software at this point for these sort of things. And especially with all the dramatic names given to them

INTEL-SA-00828 Being as direct as I could be with Dell. They couldn't confirm which BIOS update addresses this, and it makes sense once you think about it. If the vulnerability doesn't have an official designation until there's a disclosure, then they might put out the updates to microcode to fix it well in advance, likely first targeting organizations like Dell who make servers.

 

So this microcode update could've been added a year ago but Dell wouldn't know how to directly address it because it wasn't described accurately?

 

"Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available."

[leadeater]

On 8/14/2023 at 4:19 PM, _StrikE_ said:

I wouldn't call Skylake-S CPUs low end in the least (the E3-1240V5 was anything but low end, especially at the time), and no matter how you want to twist it, we where talking about the first line of Skylake Xeons, and that's the S lineup not SP.

No we were not, you might have intended that but literally anyone that says Xeon Skylake to me signifies Skylake-SP since that is only what I ever really deal with and what you would also find if you did a Google about Skylake Xeon archecture. My situation and experience predisposes me to only thinking about Skylake-SP in that type of context. I wouldn't ever expect anyone to be talking about Skylake-S Xeons when saying Xeon Skylake.

 

I brought up Broadwell and mentioned that this archecture did not have a split between desktop and Xeon like Skylake does, clearly and obviously pointing to Skylake-SP here if you want to be genuine in evaluating what I was talking about. That is the only possible variant of Skylake I could have been talking about. I further showed that when I said they were architecturally different and then again actually pointing some of those out to you.

 

So while you at one point were talking about Skylake-S I was only ever talking about the difference between Broadwell and Skylake-S/Skylake-SP and how Intel had products on longer extended support on Broadwell which would have made it easier to support anything that uses Broadwell unlike Skylake-S.

 

And yes an E3-1240V5 is a low end Xeon, that is actually it's market segment. You might not personally think that but that is it's official product segment defined by Intel and also the market. Anything of that era that used the LGA1150/1151 socket is a low end Xeon. I'm not being unfair with that statement nor rude to any buyers, only ever buy what you need, but facts are facts.

 

Now as to the problem with my statement and thought process there, Skylake-S Xeons actually had more than a year extra official support from Intel compared to consumer desktop models so the situation isn't really that different to Broadwell like I thought, even with the archecture split that started with Skylake.

 

Although my other more general comment still applies, the are many reasons for why a CPU is and is not on a support list and simply having a lot be used won't always get it there if it's past the original manufacturer support. Other down chain hardware vendors might have worked with Microsoft to get old products on the list that otherwise wouldn't have been included.

 

On 8/14/2023 at 4:19 PM, _StrikE_ said:

I'm not singling out Windows 11

You did.

 

On 8/14/2023 at 4:19 PM, _StrikE_ said:

but of course i'm afraid of what's to come from 11 going forward since all this BS started with windows 11.

You literally did it again here.

 

On 8/14/2023 at 4:19 PM, _StrikE_ said:

I just use Skylake as an example since its my CPU but i'm of course refering to all older hardware (Haswell, ivy bridge, 1st gen Ryzen, Sandy, etc), while not officially being supported they shouldn't institute such blocks either, they should keep things as such as they where prior to 11.

Microsoft can do whatever they want with their product that is not illegal. If they want to seek to bring up the minimum hardware feature support of devices that run Windows they can do that. They have not stopped anyone from installing on hardware below that desired baseline. At some point that will happen in some version of Windows and that isn't actually a bad thing.

 

If you want to keep around old unsupported hardware and use it that is perfectly fine, you may have to also run unsupported software which is also actually perfectly fine. Any ramifications by making that choice is on the one making it however. If that eventually means you can't run a newer game on a newer DirectX version then that is simply too bad. Windows 7 right now is a ligiatmely perfect OS to play games on disconnected from the internet, and even if it were internet connect the actual risk is lower than many might say but I still wouldn't advise doing it as your mainstay OS etc.

 

The reality whether you want to admit it or not you were never looking at specific CPU model support for Windows and how official support over time through service packs and build updates were removing support. So pointing out oddities in what is and is not supported in relation to only Windows 11 is rather pointless since you'll find the same oddities in prior version of Windows too. What you are actually concerned with and objecting to is how Microsoft has chosen to treat unsupported hardware, I personally have no problem with it since you can still install and we have official on the record statements from Microsoft that they will not instigate any changes to Windows that would turn on feature by default that require newer hardware under Windows 11.

 

I'll agree that we won't see eye to eye on this but for the first part of my post I won't agree to someone changing what I was talking about. I know exactly what I was talking about as do you and if we were not aligned in what we thought each other were talking about that does not change what each other were talking about. Just something to keep in mind before telling someone what they were or were not talking about.

[Owsleygarcia95]

Intel has been placing backdoors in all of there chips for years, since their fabs were moved to Israel. It's worth noting that Microsoft also does most of their core coding in Israel too. It's also worth noting that thousands of Russians have immigrated to Israel and work at these companies. This is all eaily verifiable with Google searches.

 

https://www.bankinfosecurity.com/backdoored-in-30-seconds-attack-exploits-intel-amt-feature-a-10583

[StDragon]

5 hours ago, Owsleygarcia95 said:

Intel has been placing backdoors in all of there chips for years, since their fabs were moved to Israel. It's worth noting that Microsoft also does most of their core coding in Israel too. It's also worth noting that thousands of Russians have immigrated to Israel and work at these companies. This is all eaily verifiable with Google searches.

 

https://www.bankinfosecurity.com/backdoored-in-30-seconds-attack-exploits-intel-amt-feature-a-10583

Technically, The Intel ME (Management Engine) is responsible for Intel CSME which is stored on the PCH (motherboard). So, it's not an issue on the CPU die.