Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 12 MINUTES AGO.
You are here: Home / Data Security / Flaw in Skylake, Kaby Lake Chips
Critical Flaw Found in Intel Skylake, Kaby Lake Processors
Critical Flaw Found in Intel Skylake, Kaby Lake Processors
By Shirley Siluk / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JUNE
26
2017
A newly identified defect in Intel's Skylake and Kaby Lake processors could cause devices with hyper-threading enabled to "dangerously misbehave," a Debian project researcher warned yesterday.

Users with 6th- and 7th-generation Intel core processors should disable hyper-threading "immediately" to avoid problems with their systems, Henrique de Moraes Holschuh said in an advisory to Debian developer mailing list subscribers sent out Sunday. The defect also affects related Intel server processors, such as the Xeon v5 and v6, as well as "select Intel Pentium processor models," Holschuh added.

Recently, Intel documented the defect in several specification updates for the affected processors and made microcode fixes available for some Skylake processors, according to Holschuh. However, it's not clear whether the updates made to date will address the issue in Kaby Lake processors, he noted.

Malfunction Reports Dating to Q2 2016

OCaml developer Mark Shinwell contacted the Debian team late last month about an Intel processor issue that could be triggered by a compiler for the OCaml open source software project, according to Holschuh's advisory. He added that OCaml developers had been aware of this issue since January, with "reports of malfunctions going at least as far back as Q2 2016."

Shinwell reported that he later found changelog information from Intel about a possible fix for a microcode defect, and verified that the fix addressed the processor issue identified earlier by the OCaml community.

"We do not have enough information at this time to know how much software out there will trigger this specific defect," Holschuh said yesterday. "The reported effects of the processor defect were: compiler and application crashes, incorrect program behavior, including incorrect program output."

Called HT Technology, hyper-threading is Intel's proprietary approach to simulataneous multithreading. Introduced in 2002, it enables multiple computing tasks to be handled at the same time on the same core.

Fix Depends on Processor Type

Holschuh said the new hyper-threading-related defect affects systems with Intel processors released in September 2015 and later. The issue does not apply to processors that don't support hyper-threading, he added. The defect also can "potentially affect any operating system," not just Debian- or Linux-based ones, he noted.

Users with affected Skylake processor models 78 or 94 should install the "non-free 'intel-microcode' package with base version 3.20170511.1" and then reboot their systems, Holschuh said. Those with other Skylake model numbers should disable hyper-threading and then contact their vendors for a BIOS/UEFI fix, he added. Users with Kaby Lake processors should also disable hyper-threading and get in touch with their systems' vendors.

Last month, Intel issued a security advisory about another vulnerability that a researcher identified that had existed in enterprise system firmware since 2010-2011. In 2005, Canadian computer scientist Colin Percival also identified a hyper-threading-related security flaw that affected earlier Intel Pentium and Xeon processors.

Image credit: iStock.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN DATA SECURITY
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.