From disclosure defects in the security of Meltdown and Specter More than a year has passed, but it mainly affects Intel processors. Intel has invested a lot of time and money in software security patches. Security researchers have already warned that the disadvantage is in the processor architecture itself, and that new defects will occur. After the Foreshadow attack, revealed at the end of last year, participating academics around the world have discovered a new attack.
Intel called the new security hole MDS (microarchitectural data sampling, micro-simulated data sampling) and operates a similar mechanism as Specter and Meltdown, for example speculative implementation.
MDS offers unauthorized access to data
Speculative statements to processors allow a little acceleration, but it works so that the processor "fails" what data and processes are needed to perform future operations. If Meltdown and Specter allow access to data in the main memory, the MDS provides unauthorized access to data while moving between the individual components of the processor unit, for example between the core and the cache. With this you can attackers "listen" to a computer – gain insight into the processes being implemented and all the data used to implement them, including possibly passwords and other sensitive information.
AMD processors and ARM processors are not sensitive to MDS. The researchers tested the Intel processors for testing in 2008. They tested different batches and discovered that the affected models for different devices, that is, server, portable and desktop processors. In particular, the fact that the latest Intel i9 series processors are particularly vulnerable to the attack, despite the built-in protection for Meltdown.
The MDS was discovered at different levels last year. Intel has asked researchers to wait until the results are announced, until they have prepared the relevant ones software updates, which should prevent the IMF implementation. Google, Microsoft, Apple and other companies have already responded to the discovery and promise immediate security solutions. Intel promises that revisions will not have a negative impact on processor speeds, although some measurements also indicate 9% slower effect.
Intel and researchers disagree about the seriousness of the IMF
Intel regards it as a relatively harmless defect and accordingly it has been attributed to low to medium importance. This classification is disputed by researchers from the University of Graz and the University of Free Amsterdam, who they recommend that Intel disable the hyperthreading function.
Hyperthreading ensures improved simultaneous implementation of different processes, and Intel is opposed to refuting it because it would be influenced too much by the speed of the processors.
You can check the status of your processor with the free MDS Tool that is available on the official site of researchers (find it somewhere in the middle of the page).