Tag Archives: Cybersecurity

New Kaspersky Cloud Sandbox Service Revealed!

The Kaspersky Cloud Sandbox Service Revealed!

To help companies improve their investigation and response to complex threats, Kaspersky Lab just launched a new service called Kaspersky Cloud Sandbox. It gives businesses the opportunity to take advantage of sandboxes without any additional investments into hardware infrastructure.

The Kaspersky Cloud Sandbox solution is available by subscription as part of the Kaspersky Threat Intelligence Portal. Allowing customers to ‘detonate’ suspicious files in a virtual environment with a full report on the file’s activities, it is designed to boost the efficiency of incident response and cybersecurity forensics without any risks to the company’s IT systems.

 

The Kaspersky Cloud Sandbox Revealed!

Exploiting legitimate software flaws became an efficient commodity for cybercriminals in 2017, as malicious activities can be easily hidden behind trusted processes. Even an experienced cybersecurity team can’t always be sure if it has spotted all the malware using such concealment techniques.

To achieve that, teams have to be equipped with advanced detection technologies, including sandboxing, which often requires significant hardware investments that are not easily feasible for many IT Security teams.

With Kaspersky Cloud Sandbox, advanced detection and forensic capabilities are available as a service within the Kaspersky Threat Intelligence Portal, allowing cybersecurity teams to ensure they meet their budget requirements while also benefitting from advanced technology.

The service enables cybersecurity teams and security operations center (SOC) specialists to obtain deep insights into malware behavior and design, detecting targeted cyberthreats that were not identified in the wild.

Advanced anti-evasion techniques: revealing a hidden truth

To lure malware into revealing its harmful potential, sandbox technology needs advanced anti-evasion techniques. A malicious program developed to run in a certain software environment will not detonate on a ‘clean’ virtual machine, and will most probably destroy itself without a trace.

To avoid this, Kaspersky Cloud Sandbox applies various user emulation techniques, such as Windows button clicking, document scrolling, special routine processes that give malware an opportunity to expose itself, the randomization of user environment parameters and many others.

Logging system: nothing gets missed in the noise

Once a piece of malware starts running its destructive activities, another innovative Kaspersky Cloud Sandbox technology comes into play: its logging subsystem intercepts malicious actions non-invasively.

When a Word document starts to behave suspiciously – for example, if it starts building a string in the machine memory, executing Shell commands, or dropping its payloads (all abnormal activities for a text document) – these events are registered in the Kaspersky Cloud Security logging subsystem.

It has extensive functionality able to detect a vast spectrum of malicious events including DLLs, registry key registration and modification, HTTP and DNS requests, file creation, deletion and modification etc. The customer is then provided with a full report containing data visualization graphs and screenshots, as well as a readable sandbox log.

Detection and incident response performance: second to none

Kaspersky Cloud Sandbox detection performance is backed up with big data of real-time threat intelligence from Kaspersky Security Network (KSN), providing customers with immediate status on both known and new threats discovered in the wild.

Advanced behavioral analysis, based on more than 20 years of Kaspersky Lab threat research experience in fighting the most complex threats, allows customers to detect previously unseen malicious objects.


As well as getting advanced detection capabilities, SOC experts and researchers can amplify their incident response activities with other services available through the Kaspersky Threat Intelligence Portal.

When performing digital forensics or an incident response, a cybersecurity officer can receive the latest detailed threat intelligence about URLs, domains, IP addresses, file hashes, threat names, statistical/behavior data and WHOIS/DNS data, and then link that knowledge to the IOCs generated by the sample that was analyzed within the cloud sandbox.

APIs to automate its integration into customer security operations are also available, allowing cybersecurity teams to boost their incident investigations in a matter of minutes.


 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

 

Facebook Privacy Tools Are Now Easier To Find. Yay?

Facebook has been doing a belated job of closing the barn door after the horses have bolted out and rampaged through the village. Now they officially announced that Facebook privacy tools are “easier to find”. Yay for transparency?

Read the official Facebook press release on making privacy tools easier to find… and tell us what you think!

 

Facebook Privacy Tools Now Easier To Find

By Erin Egan, VP and Chief Privacy Officer, Policy and Ashlie Beringer, VP and Deputy General Counsel

Last week showed how much more work we need to do to enforce our policies and help people understand how Facebook works and the choices they have over their data. We’ve heard loud and clear that privacy settings and other important tools are too hard to find and that we must do more to keep people informed.

So in addition to Mark Zuckerberg’s announcements last week – cracking down on abuse of the Facebook platform, strengthening our policies, and making it easier for people to revoke apps’ ability to use your data – we’re taking additional steps in the coming weeks to put people more in control of their privacy.

Most of these updates have been in the works for some time, but the events of the past several days underscore their importance.

Making Data Settings and Tools Easier to Find

Controls that are easier to find and use. We’ve redesigned our entire settings menu on mobile devices from top to bottom to make things easier to find. Instead of having settings spread across nearly 20 different screens, they’re now accessible from a single place. We’ve also cleaned up outdated settings so it’s clear what information can and can’t be shared with apps.

New Privacy Shortcuts menu. People have also told us that information about privacy, security, and ads should be much easier to find. The new Privacy Shortcuts is a menu where you can control your data in just a few taps, with clearer explanations of how our controls work. The experience is now clearer, more visual, and easy-to-find. From here you can:

  • Make your account more secure: You can add more layers of protection to your account, like two-factor authentication. If you turn this on and someone tries to log into your account from a device we don’t recognise, you’ll be asked to confirm whether it was you.
  • Control your personal information: You can review what you’ve shared and delete it if you want to. This includes posts you’ve shared or reacted to, friend requests you’ve sent, and things you’ve searched for on Facebook.
  • Control the ads you see: You can manage the information we use to show you ads. Ad preferences explains how ads work and the options you have.
  • Manage who sees your posts and profile information: You own what you share on Facebook, and you can manage things like who sees your posts and the information you choose to include on your profile.

Tools to find, download and delete your Facebook data.

It’s one thing to have a policy explaining what data we collect and use, but it’s even more useful when people see and manage their own information. Some people want to delete things they’ve shared in the past, while others are just curious about the information Facebook has.

So we’re introducing Access Your Information – a secure way for people to access and manage their information, such as posts, reactions, comments, and things you’ve searched for. You can go here to delete anything from your timeline or profile that you no longer want on Facebook.

We’re also making it easier to download the data you’ve shared with Facebook – it’s your data, after all. You can download a secure copy and even move it to another service. This includes photos you’ve uploaded, contacts you’ve added to your account, posts on your timeline, and more.

The Road Ahead


It’s also our responsibility to tell you how we collect and use your data in language that’s detailed, but also easy to understand. In the coming weeks, we’ll be proposing updates to Facebook’s terms of service that include our commitments to people.

We’ll also update our data policy to better spell out what data we collect and how we use it. These updates are about transparency – not about gaining new rights to collect, use, or share data.

We’ve worked with regulators, legislators and privacy experts on these tools and updates. We’ll have more to share in the coming weeks, including updates on the measures Mark shared last week.


TUV Rheinland : Cyber Risk Management for Industry 4.0

On 19 March 2018, TUV Rheinland invited us to an exclusive Industry 4.0 cybersecurity seminar. Entitled Cyber Risk Management for Industry 4.0, it looks at the role of cybersecurity in securing critical infrastructure and heavy industries, and paving the way for Industry 4.0.

Join us for the presentations by TUV Rheinland cybersecurity experts on how you can secure your company against the latest cyberthreats.

 

Industry 4.0

Industry 4.0 refers to the new industrial trend of creating “smart factories” with highly-networked manufacturing technologies.

Also referred to as the 4th Industrial Revolution, it makes use of cyber-physical systems, Internet of Things, cloud computing and cognitive computing, to automate almost every aspect of the manufacturing process.

Fun Fact : The name Industry 4.0 comes from the German “Industrie 4.0” from the high-tech strategy of the German government to promote the computerisation of manufacturing.

 

TUV Rheinland : Cyber Risk Management for Industry 4.0

The Cyber Risk Management for Industry 4.0 seminar is a platform for TUV Rheinland to share their insights on developing cybersecurity measures to manage operational cyber risk, be it for smart factories, smart devices or smart vehicles.

According to TUV Rheinland, the discipline of Cyber Risk Management can be effectively implemented if cybersecurity and privacy are addressed by design – both in strategy as well as operations. Let’s hear from their experts…

Operational Technology Protected

by Nigel Stanley, Chief Technology Officer of TUV Rheinland Industrial

Automotive Cyber Security

by Rajeev Sukumaran, Director of TUV Rheinland Consulting Services

Critical Infrastructure Protection – Railways & Utilities

by Tarun Gupta, Principal Consultant of TUV Rheinland Industrial Security

Privacy & Security In The IOT World

by Urmez Daver, Vice President of TUV Rheinland Consulting Services


AMD RyzenFall, MasterKey, Fallout, Chimera Mitigation Guide

The recently-discovered RyzenFall, MasterKey, Fallout and Chimera security flaws affecting AMD’s latest processor platforms are ruining the AMD Ryzen 2 pre-launch vibes. So it’s no surprise to see AMD working hard to fix the vulnerabilities.

In this article, we will share with you the latest AMD mitigation options for the RyzenFall, MasterKey, Fallout and Chimera security vulnerabilities.

 

What’s Really Affected?

While it is accurate to say that the AMD Ryzen and AMD EPYC processors are affected by RyzenFall, MasterKey, Fallout and Chimera, these vulnerabilities do not affect the actual processor cores. Neither are they related to the Zen microarchitecture.

This makes them completely different from the Meltdown and Spectre vulnerabilities that have been “built into” over 2,800 CPU models!

Instead, the new RyzenFall, MasterKey, Fallout and Chimera security vulnerabilities are found in:

  • the AMD Secure Processor (integrated into the new Ryzen and EPYC processors), and
  • the AMD Promontory chipsets that are paired with Ryzen and Ryzen Pro desktop processors.

The AMD Promontory chipset is used in many Socket AM4 desktop, and Socket TR4 high-end desktop (HEDT) platforms.

AMD EPYC, Ryzen Embedded, and Ryzen Mobile platforms do not use the Promontory chipset.

 

The AMD RyzenFall, MasterKey, Fallout + Chimera Mitigations

RyzenFall + Fallout

Issue : An attacker with administrative access can write to the AMD Secure Processor (PSP) registers to exploit vulnerabilities in the interface between the x86 processor core and the AMD Secure Processor.

Impact : The attacker can circumvent security controls to install difficult-to-detect malware in the x86 System Management Mode (SMM). The access is not persistent across reboots.

Planned Mitigations : AMD will issue AMD Secure Processor firmware patches through BIOS updates in coming weeks. No performance impact is expected.

MasterKey (PSP Privilege Escalation)

Issue : An attacker with administrative access can write malicious firmware updates, without the AMD Secure Processor (PSP) detecting the “corruption”.

Impact : The attacker can circumvent security controls to install difficult-to-detect malware. These changes are persistent, even following a system reboot.

Planned Mitigations : AMD will issue AMD Secure Processor firmware patches through BIOS updates in coming weeks. No performance impact is expected.

Chimera

Issue : An attacker with administrative access can install a malicious driver to access certain features in the AMD Promontory chipset.

Impact : The attacker can access physical memory through the Promontory chipset. The attacker can also install difficult-to-detect malware in the chipset, but this is not persistent across reboots.

Planned Mitigations : AMD will issue chipset patches through BIOS updates in coming weeks. No performance impact is expected.

 


Chinese APT Teams Using PlugX Malware To Spy On Big Pharma!

March 15, 2018 – Kaspersky Lab’s researchers have discovered evidence of Chinese APT teams using the PlugX malware in attacks against the healthcare sector. The infamous PlugX malware has been detected in pharmaceutical organizations in Vietnam, aimed at stealing precious drug formulas and business information.

 

What Is PlugX?

The PlugX malware is a well-known remote access tool (RAT). It is usually spread via spear phishing and has previously been detected in targeted attacks against the military, government and political organizations.

The PlugX RAT allows attackers to perform various malicious operations on a system without the user’s permission or authorization, including – but not limited to – copying and modifying files, logging keystrokes, stealing passwords and capturing screenshots of user activity.

PlugX, as with other RATs, is used by cyber criminals to discreetly steal and collect sensitive or profitable information for malicious purposes.

 

PlugX In Attacks On Big Pharma

The PlugX RAT has been used by a number of Chinese-speaking cyber threat actors, including Deep Panda, NetTraveler or Winnti.

In 2013, it was discovered that Winnti – responsible for attacking companies in the online gaming industry – had been using PlugX since May 2012.


Interestingly, Winnti has also been present in attacks against pharmaceutical companies, where the aim has been to steal digital certificates from medical equipment and software manufacturers.

RAT usage in attacks against pharmaceutical organizations indicates that sophisticated APT actors are showing an increased interest in capitalizing on the healthcare sector.

Other key findings for 2017 in the research include:

  • More than 60% of medical organizations had malware on their servers or computers;
  • Philippines, Venezuela and Thailand topped the list of countries with attacked devices in medical organizations.

 

Stay Protected Against PlugX

In order to stay protected, Kaspersky Lab experts advise businesses to take the following measures:

  • Remove all nodes that process medical data from public access, and secure public web portals;
  • Automatically update installed software using patch management systems on all nodes, including servers;
  • Perform network segmentation: refrain from connecting expensive equipment to the main LAN of your organization;
  • Use a proven corporate-grade security solution in combination with anti-targeted attack technologies and threat intelligence, such as the Kaspersky Threat Management and Defense solution. These are capable of spotting and catching advanced targeted attacks by analyzing network anomalies and giving cybersecurity teams full visibility over the network and response automation.


Kaspersky Reveals Security Flaws In Hanwha Techwin Smart Cameras

Kaspersky Lab researchers discovered multiple security vulnerabilities in popular smart cameras made by Hanwha Techwin that are frequently used as baby monitors, or for internal home and office security surveillance.

According to their research, the uncovered flaws could allow attackers to obtain remote access to video and audio feeds from the cameras, remotely disable these devices, execute arbitrary malicious code on them and do many other things.

 

Security Holes In Hanwha Techwin Smart Cameras

Modern smart cameras offer a wide range of functions, providing users with various opportunities: people can use them as advanced baby monitors or for surveillance systems which spot intruders while no one is home or in the office.

But, are these cameras secure enough by design and what if such a smart camera started watching you, instead of watching your home? Previous analysis conducted by many other security researchers has shown that smart cameras in general tend to contain security vulnerabilities at different levels of severity.

In their latest research, Kaspersky Lab experts uncovered something extraordinary: not just one, but a whole range of smart cameras was found to be vulnerable to a number of severe remote attacks. This was due to an insecurely designed cloud-backbone system that was initially created to enable the owners of these cameras to remotely access video from their devices.

By exploiting these vulnerabilities, malicious users could execute the following attacks:

  • Access video and audio feeds from any camera connected to the vulnerable cloud service;
  • Remotely gain root access to a camera and use it as an entry-point for further attacks on other devices on both local and external networks;
  • Remotely upload and execute arbitrary malicious code on the cameras;
  • Steal personal information such as users’ social network accounts and information which is used to send users notifications;
  • Remotely “brick” vulnerable cameras.

Following the discovery, Kaspersky Lab researchers contacted and reported the vulnerabilities to Hanwha Techwin, the manufacturer of the affected cameras. At the time of publication, some vulnerabilities had already been fixed, and the remaining vulnerabilities are set to be completely fixed soon, according to the manufacturer.

 

Thousands Of Hanwha Techwin Cameras Are Accessible Online

All these attacks were possible because experts found that the way the cameras interacted with the cloud service was insecure and open to relatively easy interference. They also found that the architecture of the cloud service itself was vulnerable to external interference.

It is important to note that such attacks were only possible if attackers knew the serial number of the camera. However, the way in which serial numbers are generated is relatively easy to find out through simple brute-force attacks: the camera registering system didn’t have brute force protection.


While doing their research, Kaspersky Lab experts were able to identify almost 2,000 vulnerable cameras working online, but these were only the cameras that had their own IP address, hence were directly available through the internet. The real number of vulnerable devices placed behind routers and firewalls could actually be several times higher.

In addition, researchers found an undocumented functionality, which could be used by the manufacturer for final production test purposes. However, at the same time criminals could use this hidden avenue to send wrong signals to any camera or change a command already sent to it.

Besides that, the feature itself was found to be vulnerable. It could be further exploited with a buffer overflow, potentially leading to the camera’s shutdown. The vendor has now fixed the issue and removed this feature.

 

Hanwha Techwin Official Statement

The security of our customers is the highest priority for us. We have already fixed the camera’s vulnerabilities, including the Remote Upload and Execution of arbitrary malicious code. We have released updated firmware available to all our users. Some vulnerabilities related to the cloud have been recognized and will be fixed soon.

 

Kaspersky Lab’s Recommendations 

In order to stay protected, Kaspersky Lab strongly advises users to do the following:

  • Always change the default password. Use a complex one instead and do not forget to update it regularly.
  • Pay close attention to security issues of connected devices before purchasing yet another smart device for homes or offices. Information on discovered and patched vulnerabilities is usually available online and is often easy to find.


Complete List Of CPUs Vulnerable To Meltdown / Spectre Rev. 8.0

The speculative execution CPU bug that literally kneecapped Intel, also affects many AMD and ARM processors. This means BILLIONS of CPUs around the world, including those powering smartphones, are affected by Meltdown and/or Spectre.

Our article Everything On The Meltdown + Spectre CPU Flaws! summarises the key details of the speculative execution bug, and what we can do about it. This guide is to help those who want a full list of affected CPUs. Because we intend this to be an exhaustive list, we split it into multiple sections.

 

Article Update History


Updated @ 2018-03-07 : Added a new list of 5 IBM z/Architecture CPUs. Added a new list of 22 VIA desktop and mobile CPUs. Added 1 ARM mobile CPU, 1 Intel server CPU, and 1 Intel mobile CPU. Also added 20 mobile SoCs, 9 digital TV or media player SoCs, and 43 industrial SoCs.

Updated @ 2018-02-15 : Added 96 Intel server CPUs, 91 Intel desktop CPUs, and 127 Intel mobile CPUs.

Updated @ 2018-02-07 : Added 128 AMD server CPUs, 11 AMD workstation CPUs, 128 AMD desktop CPUs, and 59 AMD mobile CPUs.

Updated @ 2018-02-02 : Added 11 Intel server CPUs, 96 AMD server CPUs, 168 AMD desktop CPUs, 77 AMD mobile CPUs, 10 IBM POWER CPUs, 9 HiSilicon Kirin mobile SoCs, 10 MediaTek mobile SOCs, 4 MediaTek digital TV SoCs, and 6 NVIDIA devices to the lists of vulnerable CPUs.

Updated @ 2018-01-14 : Added 416 Intel server CPUs, 8 Intel desktop CPUs, and 29 Intel mobile CPUs to the lists of vulnerable CPUs. Added a new list of 51 Intel mobile SoCs.

Updated @ 2018-01-12 : Added 71 AMD server CPUs, 71 AMD desktop CPUs, 29 AMD mobile CPUs and 3 AMD server SoCs based on a vulnerable ARM CPU. Also added a table summarising the number of vulnerable processors.

Updated @ 2018-01-11 : Added 18 Intel desktop CPUs and 165 Intel server / workstation CPUs. Also added a list of vulnerable Apple iOS devices, and expanded the list of vulnerable mobile SoCs used by smartphones.

Originally posted @ 2018-01-08

 

What Are Meltdown And Spectre?

Meltdown and Spectre are two exploits that take advantage of three variants of the speculative execution bug that affects billions of CPUs around the world.

The Spectre exploit targets Variants 1 and 2, while the Meltdown exploit targets Variant 3, of the CPU bug.

For more information on the speculative execution bug, and the Meltdown / Spectre exploits, please read Everything On The Meltdown + Spectre CPU Flaws!

 

The CPUs Vulnerable To Meltdown / Spectre Updated!

For easy reference, we divided the affected CPUs by Company (arranged ALPHABETICALLY – no conspiracy, we promise), and subsequently by Segment (Workstation / Desktop / Mobile), or affected variants.

As of Revision 8.0, we believe we have covered all of the affected AMD, Apple, ARM, IBM, Intel and VIA CPUs. But we will add more CPUs (and devices) as and when they’re noted to be vulnerable to the Meltdown and Spectre exploits.

Note : It’s arguable that all CPUs that use speculative execution to any degree are potentially vulnerable to Meltdown or Spectre or a future exploit. We will only focus on CPUs that are confirmed to be vulnerable to Meltdown or Spectre.

 

Vulnerable CPUs By The Numbers Updated!

Here is a quick summary of the number of CPUs vulnerable to Meltdown or Spectre, according to the company, and the type of processor.

| Company | Spectre 1 | Spectre 2 | Meltdown |
|---|---|---|---|
| AMD | 295 Server CPUs, 42 Workstation CPUs, 396 Desktop CPUs, 208 Mobile CPUs | 295 Server CPUs, 42 Workstation CPUs, 396 Desktop CPUs, 208 Mobile CPUs | None |
| Apple | 13 Mobile SoCs | 13 Mobile SoCs | 13 Mobile SoCs |
| ARM | 10 Mobile CPUs, 3 Server SoCs | 10 Mobile CPUs, 3 Server SoCs | 4 Mobile CPUs, 3 Server SoCs |
| IBM | 5 z/Architecture CPUs, 10 POWER CPUs | 5 z/Architecture CPUs, 10 POWER CPUs | 5 z/Architecture CPUs, 10 POWER CPUs |
| Intel | 733 Server / Workstation CPUs, 443 Desktop CPUs, 584 Mobile CPUs, 51 Mobile SoCs | 733 Server / Workstation CPUs, 443 Desktop CPUs, 584 Mobile CPUs, 51 Mobile SoCs | 733 Server / Workstation CPUs, 443 Desktop CPUs, 584 Mobile CPUs, 51 Mobile SoCs |
| VIA | 10 Desktop CPUs, 12 Mobile CPUs | 10 Desktop CPUs, 12 Mobile CPUs | 10 Desktop CPUs, 12 Mobile CPUs |
| Total | 2816 CPUs | 2816 CPUs | 1868 CPUs |

 


 

The AMD Server CPUs Vulnerable To Spectre

Affected Variants : AMD CPUs are affected by both Variants 1 and 2 of the speculative execution CPU bug. Colloquially, many people refer to them as Spectre 1 and Spectre 2.

AMD Server CPUs Vulnerable To Spectre

AMD Naples (2017)

  • AMD EPYC 7601
  • AMD EPYC 7551
  • AMD EPYC 7551P
  • AMD EPYC 7501
  • AMD EPYC 7451
  • AMD EPYC 7401
  • AMD EPYC 7401P
  • AMD EPYC 7351
  • AMD EPYC 7351P
  • AMD EPYC 7301
  • AMD EPYC 7281
  • AMD EPYC 7251

AMD Toronto (2017)

  • AMD Opteron X3421
  • AMD Opteron X3418
  • AMD Opteron X3416

AMD Kyoto (2013)

  • AMD Opteron X2170
  • AMD Opteron X2150
  • AMD Opteron X1150

AMD Abu Dhabi (2012)

  • AMD Opteron 6386 SE
  • AMD Opteron 6380
  • AMD Opteron 6378
  • AMD Opteron 6370P
  • AMD Opteron 6366 HE
  • AMD Opteron 6348
  • AMD Opteron 6344
  • AMD Opteron 6338P
  • AMD Opteron 6328
  • AMD Opteron 6320
  • AMD Opteron 6308

AMD Seoul (2012)

  • AMD Opteron 4386
  • AMD Opteron 4376 HE
  • AMD Opteron 43GK HE
  • AMD Opteron 4365 EE
  • AMD Opteron 4340
  • AMD Opteron 4334
  • AMD Opteron 4332 HE
  • AMD Opteron 4310 EE
  • AMD Opteron 43CX EE

AMD Delhi (2012)

  • AMD Opteron 3380
  • AMD Opteron 3365
  • AMD Opteron 3350 HE
  • AMD Opteron 3320 EE

AMD Zurich (2012)

  • AMD Opteron 3280
  • AMD Opteron 3260 HE
  • AMD Opteron 3250 HE

AMD Interlagos (2011)

  • AMD Opteron 6284 SE
  • AMD Opteron 6282 SE
  • AMD Opteron 6278
  • AMD Opteron 6276
  • AMD Opteron 6274
  • AMD Opteron 6272
  • AMD Opteron 6262 HE
  • AMD Opteron 6238
  • AMD Opteron 6234
  • AMD Opteron 6230 HE
  • AMD Opteron 6220
  • AMD Opteron 6212
  • AMD Opteron 6204

AMD Valencia (2011)

  • AMD Opteron 4284
  • AMD Opteron 4280
  • AMD Opteron 4276 HE
  • AMD Opteron 4274 HE
  • AMD Opteron 42MX HE
  • AMD Opteron 4256 EE
  • AMD Opteron 4240
  • AMD Opteron 4238
  • AMD Opteron 4234
  • AMD Opteron 4230 HE
  • AMD Opteron 4228 HE
  • AMD Opteron 4226
  • AMD Opteron 42DX EE

AMD Magny-Cours (2010)

  • AMD Opteron 6180 SE
  • AMD Opteron 6176 SE
  • AMD Opteron 6176
  • AMD Opteron 6174
  • AMD Opteron 6172
  • AMD Opteron 6168
  • AMD Opteron 6164 HE
  • AMD Opteron 6140
  • AMD Opteron 6136
  • AMD Opteron 6134
  • AMD Opteron 6132 HE
  • AMD Opteron 6128
  • AMD Opteron 6128 HE
  • AMD Opteron 61QS
  • AMD Opteron 61KS
  • AMD Opteron 6124 HE

AMD Lisbon (2010)

  • AMD Opteron 4184
  • AMD Opteron 4180
  • AMD Opteron 4176 HE
  • AMD Opteron 4174 HE
  • AMD Opteron 4171 HE
  • AMD Opteron 4170 HE
  • AMD Opteron 41KX HE
  • AMD Opteron 4164 EE
  • AMD Opteron 4162 EE
  • AMD Opteron 41GL EE
  • AMD Opteron 4133
  • AMD Opteron 4130
  • AMD Opteron 4122
  • AMD Opteron 41QS HE
  • AMD Opteron 41LE HE

AMD Istanbul (2009)

  • AMD Opteron 8439 SE
  • AMD Opteron 8435
  • AMD Opteron 8431
  • AMD Opteron 8425 HE
  • AMD Opteron 8423
  • AMD Opteron 8419
  • AMD Opteron 8419 EE
  • AMD Opteron 2439 SE
  • AMD Opteron 2435
  • AMD Opteron 2431
  • AMD Opteron 2427
  • AMD Opteron 2425 HE
  • AMD Opteron 2423 HE
  • AMD Opteron 2419
  • AMD Opteron 2419 EE

AMD Suzuka (2009)

  • AMD Opteron 1389
  • AMD Opteron 1385
  • AMD Opteron 1381
  • AMD Opteron 13QS HE
  • AMD Opteron 13KS EE

AMD Shanghai (2009)

  • AMD Opteron 8393 SE
  • AMD Opteron 8389
  • AMD Opteron 8387
  • AMD Opteron 8386 SE
  • AMD Opteron 8384
  • AMD Opteron 8382
  • AMD Opteron 8381 HE
  • AMD Opteron 8380
  • AMD Opteron 8379 HE
  • AMD Opteron 8378
  • AMD Opteron 83VS
  • AMD Opteron 8374 HE
  • AMD Opteron 83QS HE
  • AMD Opteron 2393 SE
  • AMD Opteron 2389
  • AMD Opteron 2387
  • AMD Opteron 2386 SE
  • AMD Opteron 2384
  • AMD Opteron 2382
  • AMD Opteron 2381 HE
  • AMD Opteron 2380
  • AMD Opteron 2379 HE
  • AMD Opteron 2378
  • AMD Opteron 2377 EE
  • AMD Opteron 2376
  • AMD Opteron 2376 HE
  • AMD Opteron 23VS
  • AMD Opteron 2374 HE
  • AMD Opteron 2373 EE
  • AMD Opteron 2372 HE
  • AMD Opteron 23QS HE
  • AMD Opteron 23KS EE

AMD Budapest (2008)

  • AMD Opteron 1356
  • AMD Opteron 1354
  • AMD Opteron 1352

AMD Barcelona (2007)

  • AMD Opteron 8360 SE
  • AMD Opteron 8357 SE
  • AMD Opteron 8356
  • AMD Opteron 8354
  • AMD Opteron 8352
  • AMD Opteron 8350
  • AMD Opteron 8350 HE
  • AMD Opteron 8347
  • AMD Opteron 8347 HE
  • AMD Opteron 8346 HE

AMD Santa Rosa (2006)

  • AMD Opteron 8224 SE
  • AMD Opteron 8222 SE
  • AMD Opteron 8222
  • AMD Opteron 8220 SE
  • AMD Opteron 8220
  • AMD Opteron 8218
  • AMD Opteron 8218 HE
  • AMD Opteron 8216
  • AMD Opteron 8216 HE
  • AMD Opteron 8214
  • AMD Opteron 8214 HE
  • AMD Opteron 8212
  • AMD Opteron 8212 HE
  • AMD Opteron 8210 EE
  • AMD Opteron 2224 SE
  • AMD Opteron 2222 SE
  • AMD Opteron 2222
  • AMD Opteron 2220 SE
  • AMD Opteron 2220
  • AMD Opteron 2218
  • AMD Opteron 2218 HE
  • AMD Opteron 2216
  • AMD Opteron 2216 HE
  • AMD Opteron 2214
  • AMD Opteron 2214 HE
  • AMD Opteron 2212
  • AMD Opteron 2212 HE
  • AMD Opteron 2210
  • AMD Opteron 2210 HE
  • AMD Opteron 2210 EE
  • AMD Opteron 2208 HE

AMD Santa Ana (2006)

  • AMD Opteron 1224 SE
  • AMD Opteron 1222 SE
  • AMD Opteron 1222
  • AMD Opteron 1220 SE
  • AMD Opteron 1220
  • AMD Opteron 1218
  • AMD Opteron 1218 HE
  • AMD Opteron 1216
  • AMD Opteron 1216 HE
  • AMD Opteron 1214
  • AMD Opteron 1214 HE
  • AMD Opteron 1212
  • AMD Opteron 1212 HE
  • AMD Opteron 1210
  • AMD Opteron 1210 HE
  • AMD Opteron 1210 EE

AMD Egypt (2005)

  • AMD Opteron 890
  • AMD Opteron 885
  • AMD Opteron 880
  • AMD Opteron 875
  • AMD Opteron 875 HE
  • AMD Opteron 870
  • AMD Opteron 870 HE
  • AMD Opteron 865
  • AMD Opteron 865 HE
  • AMD Opteron 860 HE

AMD Italy (2005)

  • AMD Opteron 290
  • AMD Opteron 285
  • AMD Opteron 280
  • AMD Opteron 275
  • AMD Opteron 275 HE
  • AMD Opteron 270
  • AMD Opteron 270 HE
  • AMD Opteron 265
  • AMD Opteron 265 HE
  • AMD Opteron 260 HE

AMD Denmark (2005)

  • AMD Opteron 190
  • AMD Opteron 185
  • AMD Opteron 180
  • AMD Opteron 175
  • AMD Opteron 170
  • AMD Opteron 165

AMD Athens (2004)

  • AMD Opteron 856
  • AMD Opteron 854
  • AMD Opteron 852
  • AMD Opteron 850
  • AMD Opteron 850 HE
  • AMD Opteron 848
  • AMD Opteron 848 HE
  • AMD Opteron 846
  • AMD Opteron 846 HE
  • AMD Opteron 844
  • AMD Opteron 842

AMD Troy (2004)

  • AMD Opteron 256
  • AMD Opteron 254
  • AMD Opteron 252
  • AMD Opteron 250
  • AMD Opteron 250 HE
  • AMD Opteron 248
  • AMD Opteron 248 HE
  • AMD Opteron 246
  • AMD Opteron 246 HE
  • AMD Opteron 244
  • AMD Opteron 242

AMD Venus (2004)

  • AMD Opteron 156
  • AMD Opteron 154
  • AMD Opteron 152
  • AMD Opteron 150
  • AMD Opteron 148
  • AMD Opteron 148 HE
  • AMD Opteron 146
  • AMD Opteron 144
  • AMD Opteron 142

AMD Sledgehammer (2003)

  • AMD Opteron 850
  • AMD Opteron 848
  • AMD Opteron 846
  • AMD Opteron 846 HE
  • AMD Opteron 844
  • AMD Opteron 842
  • AMD Opteron 840
  • AMD Opteron 840 EE
  • AMD Opteron 250
  • AMD Opteron 248
  • AMD Opteron 246
  • AMD Opteron 246 HE
  • AMD Opteron 244
  • AMD Opteron 242
  • AMD Opteron 240
  • AMD Opteron 240 EE
  • AMD Opteron 150
  • AMD Opteron 148
  • AMD Opteron 146
  • AMD Opteron 146 HE
  • AMD Opteron 144
  • AMD Opteron 142
  • AMD Opteron 140
  • AMD Opteron 140 EE

The AMD Workstation CPUs Vulnerable To Spectre

Affected Variants : AMD CPUs are affected by both Variants 1 and 2 of the speculative execution CPU bug. Colloquially, many people refer to them as Spectre 1 and Spectre 2. They are not vulnerable to Meltdown.

AMD Summit Ridge (2017)

  • AMD Ryzen Threadripper 1950X
  • AMD Ryzen Threadripper 1920X
  • AMD Ryzen Threadripper 1900X

AMD Vishera (2012)

  • AMD FX-9590
  • AMD FX-9370
  • AMD FX-8370E
  • AMD FX-8370
  • AMD FX-8350
  • AMD FX-8320E
  • AMD FX-8320
  • AMD FX-8310
  • AMD FX-8300
  • AMD FX-6350
  • AMD FX-6300
  • AMD FX-6200
  • AMD FX-4350
  • AMD FX-4320
  • AMD FX-4300

AMD Zambezi (2011)

  • AMD FX-8170
  • AMD FX-8150
  • AMD FX-8140
  • AMD FX-8120
  • AMD FX-8100
  • AMD FX-6130
  • AMD FX-6120
  • AMD FX-6100
  • AMD FX-4170
  • AMD FX-4150
  • AMD FX-4130
  • AMD FX-4120
  • AMD FX-4100

AMD Windsor (2006)

  • AMD Athlon 64 FX-74
  • AMD Athlon 64 FX-72
  • AMD Athlon 64 FX-70
  • AMD Athlon 64 FX-62

AMD Toledo (2005)

  • AMD Athlon 64 FX-60

AMD San Diego (2005)

  • AMD Athlon 64 FX-57
  • AMD Athlon 64 FX-55

AMD Clawhammer (2004)

  • AMD Athlon 64 FX-55
  • AMD Athlon 64 FX-53

AMD Sledgehammer (2003)

  • AMD Athlon 64 FX-53
  • AMD Athlon 64 FX-51

AMD Desktop CPUs Vulnerable To Spectre

Affected Variants : AMD CPUs are affected by both Variants 1 and 2 of the speculative execution CPU bug. Colloquially, many people refer to them as Spectre 1 and Spectre 2. They are not vulnerable to Meltdown.

AMD Raven Ridge (2018)

  • AMD Ryzen 5 2400G
  • AMD Ryzen 5 2200G

AMD Summit Ridge (2017)

  • AMD Ryzen 7 1800X
  • AMD Ryzen 7 1700X
  • AMD Ryzen 7 1700
  • AMD Ryzen 5 1600X
  • AMD Ryzen 5 1600
  • AMD Ryzen 5 1500X
  • AMD Ryzen 5 1400
  • AMD Ryzen 3 1300X
  • AMD Ryzen 3 1200

AMD Bristol Ridge (2016)

  • AMD PRO A12-9800
  • AMD A12-9800
  • AMD PRO A12-9800E
  • AMD A12-9800E
  • AMD PRO A10-9700
  • AMD A10-9700
  • AMD PRO A10-9700E
  • AMD A10-9700E
  • AMD PRO A8-9600
  • AMD A8-9600
  • AMD A6-9550
  • AMD PRO A6-9500
  • AMD A6-9500
  • AMD PRO A6-9500E
  • AMD A6-9500E
  • AMD Athlon X4 970
  • AMD Athlon X4 950
  • AMD Athlon X4 940

AMD Carrizo (2015)

  • AMD Athlon X4 845
  • AMD Athlon X4 835

AMD Kaveri (2014)

  • AMD A10-7890K
  • AMD A10-7870K
  • AMD A10-7860K
  • AMD A10 PRO-7850B
  • AMD A10-7850K
  • AMD A10 PRO-7800B
  • AMD A10-7800
  • AMD A10-7700K
  • AMD A8-7670K
  • AMD A8-7650K
  • AMD A8 PRO-7600B
  • AMD A8-7600
  • AMD A6-7470K
  • AMD A6-7400K
  • AMD A6 PRO-7400B
  • AMD A6 PRO-7350B
  • AMD FX-770K
  • AMD Athlon X4 880K
  • AMD Athlon X4 870K
  • AMD Athlon X4 860K
  • AMD Athlon X4 840
  • AMD Athlon X2 450

AMD Kabini (2014)

  • AMD Athlon 5370
  • AMD Athlon 5350
  • AMD Athlon 5150
  • AMD Sempron 3850
  • AMD Sempron 2650

AMD Richland (2013)

  • AMD A10-6800K
  • AMD A10-6800B
  • AMD A10-6790K
  • AMD A10-6790B
  • AMD A10-6700
  • AMD A10-6700T
  • AMD A8-6600K
  • AMD A8-6500B
  • AMD A8-6500
  • AMD A8-6500T
  • AMD A6-6420K
  • AMD A6-6420B
  • AMD A6-6400K
  • AMD A6-6400B
  • AMD A4 PRO-7300B
  • AMD A4-7300
  • AMD A4-6320B
  • AMD A4-6320
  • AMD A4-6300B
  • AMD A4-6300
  • AMD A4-4020
  • AMD A4-4000
  • AMD FX-670K
  • AMD Athlon X4 760K
  • AMD Athlon X4 750
  • AMD Athlon X2 370K
  • AMD Athlon X2 350
  • AMD Sempron X2 250

AMD Trinity (2012)

  • AMD A10-5800K
  • AMD A10-5800B
  • AMD A10-5700
  • AMD A8-5600K
  • AMD A8-5500B
  • AMD A8-5500
  • AMD A6-5400K
  • AMD A6-5400B
  • AMD A4-5300B
  • AMD A4-5300
  • AMD FirePro A320
  • AMD FirePro A300
  • AMD Athlon X4 750K
  • AMD Athlon X4 740
  • AMD Athlon X2 340
  • AMD Sempron X2 240

AMD Llano (2011)

  • AMD A8-3870K
  • AMD A8-3850
  • AMD A8-3820
  • AMD A8-3800
  • AMD A6-3670K
  • AMD A6-3650
  • AMD A6-3620
  • AMD A6-3600
  • AMD A4-3420
  • AMD A4-3400
  • AMD A4-3330
  • AMD E2-3200
  • AMD Athlon II X4 651K
  • AMD Athlon II X4 651
  • AMD Athlon II X4 641
  • AMD Athlon II X4 638
  • AMD Athlon II X4 631
  • AMD Athlon II X2 221
  • AMD Sempron X2 198

AMD Propus (2011)

  • AMD Phenom II X4 850
  • AMD Phenom II X4 840
  • AMD Athlon II X4 650
  • AMD Athlon II X4 645
  • AMD Athlon II X4 640
  • AMD Athlon II X4 635
  • AMD Athlon II X4 630
  • AMD Athlon II X4 620
  • AMD Athlon II X4 620e
  • AMD Athlon II X4 615e
  • AMD Athlon II X4 610e
  • AMD Athlon II X4 605e
  • AMD Athlon II X4 600e

AMD Regor (2011)

  • AMD Phenom II X2 521
  • AMD Phenom II X2 511
  • AMD Athlon II X2 B30
  • AMD Athlon II X2 280
  • AMD Athlon II X2 B28
  • AMD Athlon II X2 270
  • AMD Athlon II X2 270u
  • AMD Athlon II X2 265
  • AMD Athlon II X2 260
  • AMD Athlon II X2 260u
  • AMD Athlon II X2 B26
  • AMD Athlon II X2 255
  • AMD Athlon II X2 250e
  • AMD Athlon II X2 250
  • AMD Athlon II X2 250u
  • AMD Athlon II X2 245e
  • AMD Athlon II X2 245
  • AMD Athlon II X2 240e
  • AMD Athlon II X2 240
  • AMD Athlon II X2 B24
  • AMD Athlon II X2 235e
  • AMD Athlon II X2 220
  • AMD Athlon II X2 B22
  • AMD Athlon II X2 215
  • AMD Athlon II X2 210e
  • AMD Sempron 190
  • AMD Sempron 180

AMD Zosma (2010)

  • AMD Phenom II X4 970 Black Edition
  • AMD Phenom II X4 960T Black Edition
  • AMD Phenom II X4 960T
  • AMD Phenom II X4 840T
  • AMD Phenom II X4 650T
  • AMD Athlon II X4 640

AMD Thuban (2010)

  • AMD Phenom II X6 1100T Black Edition
  • AMD Phenom II X6 1090T Black Edition
  • AMD Phenom II X6 1075T Black Edition
  • AMD Phenom II X6 1075T
  • AMD Phenom II X6 1065T
  • AMD Phenom II X6 1055T
  • AMD Phenom II X6 1045T
  • AMD Phenom II X6 1035T

AMD Sargas (2009)

  • AMD Athlon II 170u
  • AMD Athlon II 160u
  • AMD Sempron 150
  • AMD Sempron 145
  • AMD Sempron 140
  • AMD Sempron 130

AMD Deneb (2009)

  • AMD Phenom II 42 TWKR
  • AMD Phenom II X4 980 Black Edition
  • AMD Phenom II X4 975 Black Edition
  • AMD Phenom II X4 970 Black Edition
  • AMD Phenom II X4 965 Black Edition
  • AMD Phenom II X4 B99
  • AMD Phenom II X4 955 Black Edition
  • AMD Phenom II X4 955
  • AMD Phenom II X4 B97
  • AMD Phenom II X4 945
  • AMD Phenom II X4 940 Black Edition
  • AMD Phenom II X4 B95
  • AMD Phenom II X4 925
  • AMD Phenom II X4 920
  • AMD Phenom II X4 B93
  • AMD Phenom II X4 910e
  • AMD Phenom II X4 910
  • AMD Phenom II X4 905e
  • AMD Phenom II X4 900e
  • AMD Phenom II X4 830
  • AMD Phenom II X4 820
  • AMD Phenom II X4 810
  • AMD Phenom II X4 805

AMD Heka (2009)

  • AMD Phenom II X3 B77
  • AMD Phenom II X3 740 Black Edition
  • AMD Phenom II X3 B75
  • AMD Phenom II X3 720 Black Edition
  • AMD Phenom II X3 B73
  • AMD Phenom II X3 720
  • AMD Phenom II X3 715 Black Edition
  • AMD Phenom II X3 710
  • AMD Phenom II X3 705e
  • AMD Phenom II X3 700e

AMD Callisto (2009)

  • AMD Phenom II X2 570 Black Edition
  • AMD Phenom II X2 B60
  • AMD Phenom II X2 565 Black Edition
  • AMD Phenom II X2 B59
  • AMD Phenom II X2 560 Black Edition
  • AMD Phenom II X2 555 Black Edition
  • AMD Phenom II X2 B57
  • AMD Phenom II X2 550 Black Edition
  • AMD Phenom II X2 550
  • AMD Phenom II X2 B55
  • AMD Phenom II X2 545
  • AMD Phenom II X2 B53

AMD Rana (2009)

  • AMD Athlon II X3 460
  • AMD Athlon II X3 455
  • AMD Athlon II X3 450
  • AMD Athlon II X3 445
  • AMD Athlon II X3 440
  • AMD Athlon II X3 435
  • AMD Athlon II X3 425e
  • AMD Athlon II X3 425
  • AMD Athlon II X3 420e
  • AMD Athlon II X3 415e
  • AMD Athlon II X3 405e
  • AMD Athlon II X3 400e

AMD Agena (2008)

  • AMD Phenom X4 9950 Black Edition
  • AMD Phenom X4 9850 Black Edition
  • AMD Phenom X4 9850B
  • AMD Phenom X4 9850
  • AMD Phenom X4 9750B
  • AMD Phenom X4 9750
  • AMD Phenom X4 9650
  • AMD Phenom X4 9600B
  • AMD Phenom X4 9600
  • AMD Phenom X4 9550
  • AMD Phenom X4 9500
  • AMD Phenom X4 9450
  • AMD Phenom X4 9350
  • AMD Phenom X4 9150e
  • AMD Phenom X4 9100e

AMD Toliman (2008)

  • AMD Phenom X3 8850
  • AMD Phenom X3 8750 Black Edition
  • AMD Phenom X3 8750
  • AMD Phenom X3 8750B
  • AMD Phenom X3 8650
  • AMD Phenom X3 8600B
  • AMD Phenom X3 8600
  • AMD Phenom X3 8550
  • AMD Phenom X3 8450e
  • AMD Phenom X3 8450
  • AMD Phenom X3 8400
  • AMD Phenom X3 8250e

AMD Kuma (2008)

  • AMD Athlon X2 7850 Black Edition
  • AMD Athlon X2 7750 Black Edition
  • AMD Athlon X2 7550
  • AMD Athlon X2 7450
  • AMD Athlon X2 6500 Black Edition

AMD Brisbane (2007)

  • AMD Athlon X2 5600B
  • AMD Athlon X2 5400B
  • AMD Athlon X2 5200B
  • AMD Athlon X2 5000B
  • AMD Athlon X2 5050e
  • AMD Athlon X2 4850B
  • AMD Athlon X2 4850e
  • AMD Athlon X2 4450B
  • AMD Athlon X2 4450e
  • AMD Athlon X2 4050e
  • AMD Athlon X2 3250e
  • AMD Athlon X2 BE-2400
  • AMD Athlon X2 BE-2350
  • AMD Athlon X2 BE-2300
  • AMD Athlon 64 X2 6000+
  • AMD Athlon 64 X2 5800+
  • AMD Athlon 64 X2 5600+
  • AMD Athlon 64 X2 5400+ Black Edition
  • AMD Athlon 64 X2 5400+
  • AMD Athlon 64 X2 5200+
  • AMD Athlon 64 X2 5000+ Black Edition
  • AMD Athlon 64 X2 5000+
  • AMD Athlon 64 X2 4800+
  • AMD Athlon 64 X2 4600+
  • AMD Athlon 64 X2 4400+
  • AMD Athlon 64 X2 4200+
  • AMD Athlon 64 X2 4000+
  • AMD Athlon 64 X2 3600+
  • AMD Sempron X2 2300
  • AMD Sempron X2 2200
  • AMD Sempron X2 2100

AMD Lima (2007)

  • AMD Athlon 64 3800+
  • AMD Athlon 64 3500+
  • AMD Athlon 64 3100+
  • AMD Athlon 64 2850e
  • AMD Athlon 64 2600+
  • AMD Athlon 64 2650e
  • AMD Athlon 64 2000+
  • AMD Athlon LE-1660
  • AMD Athlon LE-1640
  • AMD Athlon LE-1640B

AMD Sparta (2006)

  • AMD Sempron LE-1300
  • AMD Sempron LE-1250
  • AMD Sempron LE-1200
  • AMD Sempron LE-1150
  • AMD Sempron LE-1100

AMD Windsor (2006)

  • AMD Athlon 64 X2 6400+ Black Edition
  • AMD Athlon 64 X2 6000+
  • AMD Athlon 64 X2 5600+
  • AMD Athlon 64 X2 5400+
  • AMD Athlon 64 X2 5200+
  • AMD Athlon 64 X2 5000+
  • AMD Athlon 64 X2 4800+
  • AMD Athlon 64 X2 4600+
  • AMD Athlon 64 X2 4400+
  • AMD Athlon 64 X2 4200+
  • AMD Athlon 64 X2 4000+
  • AMD Athlon 64 X2 3800+
  • AMD Athlon 64 X2 3600+

AMD Manila (2006)

  • AMD Sempron 3800+
  • AMD Sempron 3600+
  • AMD Sempron 3500+
  • AMD Sempron 3400+
  • AMD Sempron 3200+
  • AMD Sempron 3000+
  • AMD Sempron 2800+

AMD Orleans (2006)

  • AMD Athlon 64 4000+
  • AMD Athlon 64 3800+
  • AMD Athlon 64 3500+
  • AMD Athlon 64 3200+
  • AMD Athlon 64 3000+
  • AMD Athlon 64 LE-1640
  • AMD Athlon 64 LE-1620
  • AMD Athlon 64 LE-1600

AMD Toledo (2005)

  • AMD Athlon 64 X2 4800+
  • AMD Athlon 64 X2 4600+
  • AMD Athlon 64 X2 4400+
  • AMD Athlon 64 X2 4200+
  • AMD Athlon 64 X2 4000+
  • AMD Athlon 64 X2 3800+
  • AMD Athlon 64 X2 3700+

AMD Palermo (2005)

  • AMD Sempron 3500+
  • AMD Sempron 3400+
  • AMD Sempron 3300+
  • AMD Sempron 3200+
  • AMD Sempron 3100+
  • AMD Sempron 3000+
  • AMD Sempron 2800+
  • AMD Sempron 2600+
  • AMD Sempron 2500+

AMD Manchester (2005)

  • AMD Athlon 64 X2 4600+
  • AMD Athlon 64 X2 4200+
  • AMD Athlon 64 X2 3800+
  • AMD Athlon 64 X2 3600+
  • AMD Athlon 64 X2 3500+
  • AMD Athlon 64 X2 3200+

AMD San Diego (2005)

  • AMD Athlon 64 4000+
  • AMD Athlon 64 3700+
  • AMD Athlon 64 3500+

AMD Venice (2005)

  • AMD Athlon 64 3800+
  • AMD Athlon 64 3500+
  • AMD Athlon 64 3400+
  • AMD Athlon 64 3200+
  • AMD Athlon 64 3000+
  • AMD Athlon 64 1500+

AMD Winchester (2004)

  • AMD Athlon 64 3500+
  • AMD Athlon 64 3200+
  • AMD Athlon 64 3000+

AMD Paris (2004)

  • AMD Sempron 3100+
  • AMD Sempron 3000+

AMD Clawhammer (2004)

  • AMD Athlon 64 4000+
  • AMD Athlon 64 3800+
  • AMD Athlon 64 3700+
  • AMD Athlon 64 3600+
  • AMD Athlon 64 3500+
  • AMD Athlon 64 3400+
  • AMD Athlon 64 3200+
  • AMD Athlon 64 3000+
  • AMD Athlon 64 2800+

AMD Newcastle (2003)

  • AMD Athlon 64 3800+
  • AMD Athlon 64 3500+
  • AMD Athlon 64 3400+
  • AMD Athlon 64 3300+
  • AMD Athlon 64 3200+
  • AMD Athlon 64 3000+
  • AMD Athlon 64 2800+

AMD Mobile CPUs Vulnerable To Spectre

Affected Variants : AMD CPUs are affected by both Variants 1 and 2 of the speculative execution CPU bug. Colloquially, many people refer to them as Spectre 1 and Spectre 2. They are not vulnerable to Meltdown.

AMD Raven Ridge (2017)

  • AMD Ryzen 7 2700U
  • AMD Ryzen 5 2500U
  • AMD Ryzen 3 2300U
  • AMD Ryzen 3 2200U

AMD Bristol Ridge (2016)

  • AMD FX-9830P
  • AMD Pro A12-9830B
  • AMD FX-9800P
  • AMD Pro A12-9800B
  • AMD A12-9730P
  • AMD Pro A10-9730B
  • AMD A12-9720P
  • AMD A12-9700P
  • AMD Pro A10-9700B
  • AMD A10-9630P
  • AMD Pro A8-9630B
  • AMD A10-9620P
  • AMD A10-9600P
  • AMD Pro A8-9600B
  • AMD Pro A6-9500B

AMD Stoney Ridge (2015)

  • AMD A9-9430
  • AMD A9-9420
  • AMD A9-9410
  • AMD A9-9400
  • AMD A6-9220
  • AMD A6-9210
  • AMD A6-9200
  • AMD A6-9200e
  • AMD A4-9120
  • AMD E2-9010
  • AMD E2-9000
  • AMD E2-9000e

AMD Carrizo (2015)

  • AMD A10-8780P
  • AMD Pro A12-8800B
  • AMD FX-8800P
  • AMD Pro A10-8700B
  • AMD A10-8700P
  • AMD Pro A8-8600B
  • AMD A8-8600P
  • AMD Pro A6-8500B
  • AMD A6-8500P
  • AMD A8-7410
  • AMD A6-7310
  • AMD A4-7210
  • AMD E2-7110
  • AMD E1-7010

AMD Kaveri (2014)

  • AMD FX-7600P
  • AMD FX-7500
  • AMD A10-7400P
  • AMD Pro A10-7350B
  • AMD A10-7300
  • AMD A8-7200P
  • AMD Pro A8-7150B
  • AMD A8-7100
  • AMD Pro A6-7050B
  • AMD A6-7000

AMD Richland (2013)

  • AMD A10-5757M
  • AMD A10-5750M
  • AMD A10-5745M
  • AMD A8-5557M
  • AMD A8-5550M
  • AMD A8-5545M
  • AMD A6-5357M
  • AMD A6-5350M
  • AMD A6-5345M
  • AMD A4-5150M
  • AMD A4-5145M

AMD Trinity (2012)

  • AMD A10-4655M
  • AMD A10-4600M
  • AMD A8-4555M
  • AMD A8-4500M
  • AMD A6-4455M
  • AMD A6-4400M
  • AMD A4-4355M
  • AMD A4-4300M

AMD Llano (2011)

  • AMD A8-3550MX
  • AMD A8-3530MX
  • AMD A8-3520M
  • AMD A8-3510MX
  • AMD A8-3500M
  • AMD A6-3430MX
  • AMD A6-3420M
  • AMD A6-3410MX
  • AMD A6-3400M
  • AMD A4-3330MX
  • AMD A4-3320M
  • AMD A4-3310MX
  • AMD A4-3305M
  • AMD A4-3300M
  • AMD E2-3000M

AMD Champlain (2010)

  • AMD Phenom II X940 Black Edition
  • AMD Phenom II X920 Black Edition
  • AMD Phenom II N970
  • AMD Phenom II P960
  • AMD Phenom II N950
  • AMD Phenom II P940
  • AMD Phenom II N930
  • AMD Phenom II P920
  • AMD Phenom II N870
  • AMD Phenom II P860
  • AMD Phenom II N850
  • AMD Phenom II P840
  • AMD Phenom II N830
  • AMD Phenom II P820
  • AMD Phenom II N660
  • AMD Phenom II P650
  • AMD Phenom II N640
  • AMD Phenom II N620
  • AMD Phenom II X640 Black Edition
  • AMD Phenom II X620 Black Edition
  • AMD Athlon II N370
  • AMD Athlon II P360
  • AMD Athlon II N350
  • AMD Athlon II P340
  • AMD Athlon II N330
  • AMD Athlon II P320
  • AMD Athlon II Neo K145
  • AMD Athlon II Neo K125
  • AMD Turion II Neo K685
  • AMD Turion II Neo K665
  • AMD Turion II Neo K645
  • AMD Turion II Neo K625
  • AMD Turion II N570
  • AMD Turion II P560
  • AMD Turion II N550
  • AMD Turion II P540
  • AMD Turion II N530
  • AMD Turion II P520
  • AMD V160
  • AMD V140
  • AMD V120
  • AMD V105

AMD Geneva (2010)

  • AMD Turion II Neo N54L
  • AMD Turion II K685
  • AMD Turion II K665
  • AMD Turion II K645
  • AMD Turion II K625

AMD Caspian (2009)

  • AMD Turion II Ultra M660
  • AMD Turion II Ultra M640
  • AMD Turion II Ultra M620
  • AMD Turion II Ultra M600
  • AMD Turion II M560
  • AMD Turion II M540
  • AMD Turion II M520
  • AMD Turion II M500
  • AMD Athlon II M360
  • AMD Athlon II M340
  • AMD Athlon II M320
  • AMD Athlon II M300
  • AMD Sempron M140
  • AMD Sempron M120
  • AMD Sempron M100

AMD Conesus (2009)

  • AMD Athlon Neo X2 L510
  • AMD Athlon Neo X2 L335
  • AMD Athlon Neo X2 L325

AMD Sherman (2009)

  • AMD Athlon Neo TF-20

AMD Huron (2009)

  • AMD Athlon Neo MV-40
  • AMD Sempron 210U
  • AMD Sempron 200U

AMD Sable (2008)

  • AMD Sempron SI-42
  • AMD Sempron SI-40

AMD Sherman (2007)

  • AMD Mobile Sempron 4000+
  • AMD Mobile Sempron 3800+
  • AMD Mobile Sempron 3700+
  • AMD Mobile Sempron 3600+
  • AMD Sempron 2100+ fanless

AMD Keene (2006)

  • AMD Mobile Sempron 3600+
  • AMD Mobile Sempron 3500+
  • AMD Mobile Sempron 3400+
  • AMD Mobile Sempron 3200+

AMD Newark (2005)

  • AMD Mobile Athlon 64 4000+
  • AMD Mobile Athlon 64 3700+
  • AMD Mobile Athlon 64 3400+
  • AMD Mobile Athlon 64 3200+
  • AMD Mobile Athlon 64 3000+

AMD Albany (2005)

  • AMD Mobile Sempron 3600+
  • AMD Mobile Sempron 3400+
  • AMD Mobile Sempron 3300+
  • AMD Mobile Sempron 3100+
  • AMD Mobile Sempron 3000+

AMD Roma (2005)

  • AMD Mobile Sempron 3400+
  • AMD Mobile Sempron 3300+
  • AMD Mobile Sempron 3100+
  • AMD Mobile Sempron 3000+
  • AMD Mobile Sempron 2800+

AMD Oakville (2004)

  • AMD Mobile Athlon 64 3000+
  • AMD Mobile Athlon 64 2800+
  • AMD Mobile Athlon 64 2700+

AMD Georgetown (2004)

  • AMD Mobile Sempron 3300+
  • AMD Mobile Sempron 3100+
  • AMD Mobile Sempron 3000+
  • AMD Mobile Sempron 2800+
  • AMD Mobile Sempron 2600+

AMD Sonora (2004)

  • AMD Mobile Sempron 3100+
  • AMD Mobile Sempron 3000+
  • AMD Mobile Sempron 2800+
  • AMD Mobile Sempron 2600+

AMD Dublin (2004)

  • AMD Mobile Sempron 3000+
  • AMD Mobile Sempron 2800+
  • AMD Mobile Sempron 2600+

AMD Odessa (2004)

  • AMD Mobile Athlon 64 3000+
  • AMD Mobile Athlon 64 2800+
  • AMD Mobile Athlon 64 2700+

AMD Clawhammer (2004)

  • AMD Mobile Athlon 64 3700+
  • AMD Mobile Athlon 64 3400+
  • AMD Mobile Athlon 64 3200+
  • AMD Mobile Athlon 64 3000+
  • AMD Mobile Athlon 64 2800+
  • AMD Mobile Athlon 64 2700+

The Apple CPUs Vulnerable To Meltdown / Spectre

Apple makes custom processors based on the ARM microarchitecture. They have not released specific information on which of their processors are affected by which exploit, but this is what we know so far.

Affected Variants : Apple only issued a general notice that their processors are affected by both Meltdown and Spectre, not the specific variants.

  • Apple A4
  • Apple A5
  • Apple A5X
  • Apple A6
  • Apple A6X
  • Apple A7
  • Apple A8
  • Apple A8X
  • Apple A9
  • Apple A9X
  • Apple A10 Fusion
  • Apple A10X Fusion
  • Apple A11 Bionic

Vulnerable iOS or tvOS Devices : Apple was vague about the iOS devices that were affected, but based on the affected CPU cores, here are the iOS devices that are vulnerable to Meltdown and Spectre :

  • Apple iPad, iPad 2, iPad 3, iPad 4
  • Apple iPad Air, iPad Air 2
  • Apple iPad Mini, iPad Mini 2, iPad Mini 3
  • Apple iPad Pro (9.7″, 10.5″ and 12.9″)
  • Apple iPhone 4, iPhone 4S, iPhone 5, iPhone 5C, iPhone 5S, iPhone 6, iPhone 6 Plus, iPhone 6S, iPhone 6S Plus, iPhone SE, iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X
  • Apple iPod Touch 4th Generation, iPod Touch 5th Generation, iPod Touch 6th Generation
  • Apple TV 2nd Generation, 3rd Generation, 4th Generation and 5th Generation

 

The ARM CPUs Vulnerable To Meltdown / Spectre

ARM CPUs Vulnerable To All Three Variants

Affected Variants : Variants 1 and 2, and either Variant 3 or Variant 3a, of the speculative execution CPU bug. They are vulnerable to Meltdown and both variants of Spectre.

  • ARM Cortex-A75
  • ARM Cortex-A72
  • ARM Cortex-A57
  • ARM Cortex-A15

Mobile SoCs Using These ARM CPUs (Not Exhaustive)

  • HiSilicon Kirin 955
  • HiSilicon Kirin 950
  • HiSilicon Kirin 928
  • HiSilicon Kirin 925
  • HiSilicon Kirin 920
  • MediaTek Helio X27 (MT6797X)
  • MediaTek Helio X25 (MT6797T)
  • MediaTek Helio X23 (MT6707D)
  • MediaTek Helio X20 (MT6797)
  • MediaTek MT8173
  • MediaTek MT8135 / MT8135V
  • MediaTek MT6795
  • NVIDIA Tegra X2
  • NVIDIA Tegra X1
  • NVIDIA Tegra K1
  • NVIDIA Tegra 4
  • Qualcomm Snapdragon 845
  • Qualcomm Snapdragon 810 / 808
  • Qualcomm Snapdragon 670
  • Qualcomm Snapdragon 653 / 652 / 650
  • Qualcomm Snapdragon 640
  • Samsung Exynos 7420
  • Samsung Exynos 5800
  • Samsung Exynos 5433
  • Samsung Exynos 5422 / 5420
  • Samsung Exynos 5410
  • Samsung Exynos 5260
  • Samsung Exynos 5250
  • Samsung Exynos 5 Dual (Exynos 5250)

AMD Server SoCs Using These ARM CPUs

  • AMD Opteron A1170
  • AMD Opteron A1150
  • AMD Opteron A1120

NVIDIA Devices Using These ARM CPUs (Not Exhaustive)

  • NVIDIA SHIELD TV (ARM Cortex-A57)
  • NVIDIA SHIELD Tablet (ARM Cortex-A15)
  • NVIDIA Jetson TX2 (ARM Cortex-A57)
  • NVIDIA Jetson TX1 (ARM Cortex-A57)
  • NVIDIA Jetson TK1 (ARM Cortex-A15)
  • NVIDIA Jetson Tegra K1 (ARM Cortex-A15)

Digital TV / Media Player SoCs Using These ARM CPUs (Not Exhaustive)

  • Rockchip RK3399

Industrial SoCs Using These ARM CPUs (Not Exhaustive)

  • Texas Instruments Sitara AM5728
  • Texas Instruments Sitara AM5726
  • Texas Instruments Sitara AM5718
  • Texas Instruments Sitara AM5716
  • Texas Instruments Sitara AM5708
  • Texas Instruments Sitara AM5706
  • Texas Instruments Sitara AM5K2E04
  • Texas Instruments Sitara AM5K2E02

 

ARM CPUs Vulnerable To Only Spectre 1 & 2

Affected Variants : Variants 1 and 2 of the speculative execution CPU bug. They are not vulnerable to Meltdown.

  • ARM Cortex-A73
  • ARM Cortex-A17
  • ARM Cortex-A12
  • ARM Cortex-A9
  • ARM Cortex-A8
  • ARM Cortex-R8
  • ARM Cortex-R7

Mobile SoCs Using These ARM CPUs (Not Exhaustive)

  • HiSilicon Kirin 970
  • HiSilicon Kirin 960
  • HiSilicon Kirin 910 / 910T
  • HiSilicon K3V2 / K3V2E
  • MediaTek Helio P70
  • MediaTek Helio P40
  • MediaTek Helio X30 (MT6799)
  • MediaTek MT8377
  • MediaTek MT8317 / MT8317T
  • MediaTek MT6595 / MT6595M / MT6595 Turbo
  • MediaTek MT6577 / MT6577T
  • MediaTek MT6575 / MT6575M
  • MediaTek MT6517 / MT6517T
  • MediaTek MT6515
  • NVIDIA Tegra 4i
  • NVIDIA Tegra 3
  • NVIDIA Tegra 2
  • Qualcomm Snapdragon 835
  • Qualcomm Snapdragon 653
  • Samsung Exynos 9610
  • Samsung Exynos 7885
  • Samsung Exynos 7872
  • Samsung Exynos 4415 / 4412
  • Samsung Exynos 4212 / 4210
  • Samsung Exynos 3110

Tablet SoCs Using These ARM CPUs (Not Exhaustive)

  • Amlogic AML8726-M / M3
  • Amlogic AML8726-M6 / Amlogic MX
  • Amlogic M802
  • Amlogic M801

Digital TV / Media Player SoCs Using These ARM CPUs (Not Exhaustive)

  • Amlogic S812
  • Amlogic S802
  • MediaTek MT5595
  • MediaTek MT5580
  • MediaTek MT5505
  • MediaTek MT5398
  • Panasonic UniPhier MN2WS0220
  • Rockchip RK3288
  • Rockchip RK3188 / RK3188T / RK3168
  • Rockchip RK3066
  • Rockchip RK2928 / RK2926 / RK2918 / RK2906
  • Rockchip RK2818

Industrial SoCs Using These ARM CPUs (Not Exhaustive)

  • Texas Instruments Sitara AMIC120
  • Texas Instruments Sitara AMIC110
  • Texas Instruments Sitara AM4388
  • Texas Instruments Sitara AM4384
  • Texas Instruments Sitara AM4382
  • Texas Instruments Sitara AM4379
  • Texas Instruments Sitara AM4378
  • Texas Instruments Sitara AM4377
  • Texas Instruments Sitara AM4376
  • Texas Instruments Sitara AM4372
  • Texas Instruments Sitara AM3894
  • Texas Instruments Sitara AM3892
  • Texas Instruments Sitara AM3874
  • Texas Instruments Sitara AM3871
  • Texas Instruments Sitara AM3715
  • Texas Instruments Sitara AM3703
  • Texas Instruments Sitara AM3517
  • Texas Instruments Sitara AM3505
  • Texas Instruments Sitara AM3359
  • Texas Instruments Sitara AM3358 / AM3358-EP
  • Texas Instruments Sitara AM3357
  • Texas Instruments Sitara AM3356
  • Texas Instruments Sitara AM3354
  • Texas Instruments Sitara AM3352
  • Texas Instruments Sitara AM3351
  • Texas Instruments Sitara AM1810
  • Texas Instruments Sitara AM1808
  • Texas Instruments Sitara AM1806
  • Texas Instruments Sitara AM1802
  • Texas Instruments Sitara AM1707
  • Texas Instruments Sitara AM1705
  • Texas Instruments Sitara OMAP3515
  • Texas Instruments Sitara OMAP3503 / OMAP3503-HIREL

Embedded Computers Using These ARM CPUs (Not Exhaustive)

  • VIA VAB-1000
  • VIA VAB-820 / VAB-800
  • VIA VAB-630 / VAB-600
  • VIA ALTA DS
  • VIA QSM-8Q60
  • VIA SOM-6X50
  • VIA VTS-8589

 

IBM POWER CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These IBM POWER CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

  • IBM POWER4
  • IBM POWER4+
  • IBM POWER5
  • IBM POWER5+
  • IBM POWER6
  • IBM POWER6+
  • IBM POWER7
  • IBM POWER7+
  • IBM POWER8
    – including IBM Murano, IBM Turismo, PowerCore CP1
  • IBM POWER8 with NVLink / POWER8+
  • IBM POWER9
    – IBM Nimbus, IBM Cumulus

 

IBM z/Architecture CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These IBM z/Architecture CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

  • IBM z14
  • IBM z13
  • IBM zEC12
  • IBM z196
  • IBM z10

Intel UMPC / Smartphone SoCs Vulnerable To Meltdown + Spectre

Affected Variants : These Intel SoCs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

Intel Apollo Lake (2016)

  • Intel Atom x7-E3950
  • Intel Atom x7-E3940
  • Intel Atom x7-E3930

Intel Braswell (2016)

  • Intel Atom x5-E8000

Intel Cherry Trail-T (2015)

  • Intel Atom X7-Z8750
  • Intel Atom X7-Z8700
  • Intel Atom X7-Z8550
  • Intel Atom X7-Z8500
  • Intel Atom X7-Z8350
  • Intel Atom X7-Z8330
  • Intel Atom X7-Z8300

Intel SoFIA (2015)

  • Intel Atom x3-C3445
  • Intel Atom x3-C3405
  • Intel Atom x3-C3400
  • Intel Atom x3-C3295RK
  • Intel Atom x3-C3265RK
  • Intel Atom x3-C3235RK
  • Intel Atom x3-C3230RK
  • Intel Atom x3-C3205RK
  • Intel Atom x3-C3200RK
  • Intel Atom x3-C3130

Intel Moorefield (2014)

  • Intel Atom Z3590
  • Intel Atom Z3580
  • Intel Atom Z3570
  • Intel Atom Z3560
  • Intel Atom Z3530

Intel Merrifield (2014)

  • Intel Atom Z3480
  • Intel Atom Z3460

Intel Bay Trail-T (2013)

  • Intel Atom Z3795
  • Intel Atom Z3785
  • Intel Atom Z3775
  • Intel Atom Z3775D
  • Intel Atom Z3770
  • Intel Atom Z3770D
  • Intel Atom Z3745
  • Intel Atom Z3745D
  • Intel Atom Z3740
  • Intel Atom Z3740D
  • Intel Atom Z3736F
  • Intel Atom Z3736G
  • Intel Atom Z3735D
  • Intel Atom Z3735E
  • Intel Atom Z3735F
  • Intel Atom Z3735G
  • Intel Atom Z3680
  • Intel Atom Z3680D

Intel Bay Trail-I (2013)

  • Intel Atom E3845
  • Intel Atom E3827
  • Intel Atom E3826
  • Intel Atom E3825
  • Intel Atom E3815
  • Intel Atom E3805

Intel Server / Workstation CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These Intel CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

Intel Knights Mill (2017)

  • Intel Xeon Phi 7295
  • Intel Xeon Phi 7285
  • Intel Xeon Phi 7235

Intel Skylake-W (2017)

  • Intel Xeon W-2195
  • Intel Xeon W-2175
  • Intel Xeon W-2155
  • Intel Xeon W-2150B
  • Intel Xeon W-2145
  • Intel Xeon W-2140B
  • Intel Xeon W-2135
  • Intel Xeon W-2133
  • Intel Xeon W-2125
  • Intel Xeon W-2123
  • Intel Xeon W-2104
  • Intel Xeon W-2102

Intel Skylake-SP (2017)

  • Intel Xeon Platinum 8180
  • Intel Xeon Platinum 8180M
  • Intel Xeon Platinum 8176
  • Intel Xeon Platinum 8176F
  • Intel Xeon Platinum 8176M
  • Intel Xeon Platinum 8173M
  • Intel Xeon Platinum 8170
  • Intel Xeon Platinum 8170M
  • Intel Xeon Platinum 8168
  • Intel Xeon Platinum 8167M
  • Intel Xeon Platinum 8164
  • Intel Xeon Platinum 8163
  • Intel Xeon Platinum 8160
  • Intel Xeon Platinum 8160F
  • Intel Xeon Platinum 8160M
  • Intel Xeon Platinum 8160T
  • Intel Xeon Platinum 8158
  • Intel Xeon Platinum 8156
  • Intel Xeon Platinum 8153
  • Intel Xeon Gold 6161
  • Intel Xeon Gold 6154
  • Intel Xeon Gold 6152
  • Intel Xeon Gold 6150
  • Intel Xeon Gold 6149
  • Intel Xeon Gold 6148
  • Intel Xeon Gold 6148F
  • Intel Xeon Gold 6146
  • Intel Xeon Gold 6145
  • Intel Xeon Gold 6144
  • Intel Xeon Gold 6142
  • Intel Xeon Gold 6142F
  • Intel Xeon Gold 6142M
  • Intel Xeon Gold 6140
  • Intel Xeon Gold 6140M
  • Intel Xeon Gold 6138
  • Intel Xeon Gold 6138F
  • Intel Xeon Gold 6138T
  • Intel Xeon Gold 6136
  • Intel Xeon Gold 6134
  • Intel Xeon Gold 6134M
  • Intel Xeon Gold 6132
  • Intel Xeon Gold 6130
  • Intel Xeon Gold 6130F
  • Intel Xeon Gold 6130T
  • Intel Xeon Gold 6128
  • Intel Xeon Gold 6126
  • Intel Xeon Gold 6126F
  • Intel Xeon Gold 6126T
  • Intel Xeon Gold 6122
  • Intel Xeon Gold 6120
  • Intel Xeon Gold 6120T
  • Intel Xeon Gold 6119T
  • Intel Xeon Gold 6118
  • Intel Xeon Gold 6117
  • Intel Xeon Gold 6117F
  • Intel Xeon Gold 6115
  • Intel Xeon Silver 4116
  • Intel Xeon Silver 4116T
  • Intel Xeon Silver 4114
  • Intel Xeon Silver 4114T
  • Intel Xeon Silver 4112
  • Intel Xeon Silver 4110
  • Intel Xeon Silver 4109T
  • Intel Xeon Silver 4108
  • Intel Xeon Bronze 3106
  • Intel Xeon Bronze 3104

Intel Denverton (2017)

  • Intel Atom C3958
  • Intel Atom C3955
  • Intel Atom C3950
  • Intel Atom C3855
  • Intel Atom C3850
  • Intel Atom C3830
  • Intel Atom C3808
  • Intel Atom C3758
  • Intel Atom C3750
  • Intel Atom C3708
  • Intel Atom C3558
  • Intel Atom C3538
  • Intel Atom C3508
  • Intel Atom C3338
  • Intel Atom C3308

Intel Kaby Lake-DT (2017)

  • Intel Xeon E3-1285 v6
  • Intel Xeon E3-1280 v6
  • Intel Xeon E3-1275 v6
  • Intel Xeon E3-1270 v6
  • Intel Xeon E3-1245 v6
  • Intel Xeon E3-1240 v6
  • Intel Xeon E3-1230 v6
  • Intel Xeon E3-1225 v6
  • Intel Xeon E3-1220 v6

Intel Kaby Lake-H (2017)

  • Intel Xeon E3-1535M
  • Intel Xeon E3-1505M
  • Intel Xeon E3-1505L
  • Intel Xeon E3-1501L
  • Intel Xeon E3-1501M

Intel Knights Landing (2016)

  • Intel Xeon Phi 7290F
  • Intel Xeon Phi 7290
  • Intel Xeon Phi 7250F
  • Intel Xeon Phi 7250
  • Intel Xeon Phi 7230F
  • Intel Xeon Phi 7230
  • Intel Xeon Phi 7210F
  • Intel Xeon Phi 7210

Intel Skylake-H (2016)

  • Intel Xeon E3-1585 v5
  • Intel Xeon E3-1585L v5
  • Intel Xeon E3-1578L v5
  • Intel Xeon E3-1575M v5
  • Intel Xeon E3-1565L v5
  • Intel Xeon E3-1558L v5
  • Intel Xeon E3-1545M v5
  • Intel Xeon E3-1535M v5
  • Intel Xeon E3-1515M v5
  • Intel Xeon E3-1505M v5
  • Intel Xeon E3-1505L v5

Intel Broadwell-EX (2016)

  • Intel E7-8894 v4
  • Intel E7-8893 v4
  • Intel E7-8891 v4
  • Intel E7-8890 v4
  • Intel E7-8880 v4
  • Intel E7-8870 v4
  • Intel E7-8867 v4
  • Intel E7-8860 v4
  • Intel E7-8855 v4
  • Intel E7-4850 v4
  • Intel E7-4830 v4
  • Intel E7-4820 v4
  • Intel E7-4809 v4

Intel Broadwell-EP (2016)

  • Intel Xeon E5-4669 v4
  • Intel Xeon E5-4667 v4
  • Intel Xeon E5-4660 v4
  • Intel Xeon E5-4650 v4
  • Intel Xeon E5-4640 v4
  • Intel Xeon E5-4628L v4
  • Intel Xeon E5-4627 v4
  • Intel Xeon E5-4620 v4
  • Intel Xeon E5-4610 v4
  • Intel Xeon E5-2699 v4
  • Intel Xeon E5-2699A v4
  • Intel Xeon E5-2699C v4
  • Intel Xeon E5-2699P v4
  • Intel Xeon E5-2699R v4
  • Intel Xeon E5-2698 v4
  • Intel Xeon E5-2697 v4
  • Intel Xeon E5-2697A v4
  • Intel Xeon E5-2696 v4
  • Intel Xeon E5-2695 v4
  • Intel Xeon E5-2690 v4
  • Intel Xeon E5-2689 v4
  • Intel Xeon E5-2689A v4
  • Intel Xeon E5-2687W v4
  • Intel Xeon E5-2686 v4
  • Intel Xeon E5-2683 v4
  • Intel Xeon E5-2682 v4
  • Intel Xeon E5-2680 v4
  • Intel Xeon E5-2679 v4
  • Intel Xeon E5-2676 v4
  • Intel Xeon AWS-1100 v4
  • Intel Xeon E5-2667 v4
  • Intel Xeon E5-2666 v4
  • Intel Xeon E5-2660 v4
  • Intel Xeon E5-2658 v4
  • Intel Xeon E5-2650 v4
  • Intel Xeon E5-2650L v4
  • Intel Xeon E5-2648L v4
  • Intel Xeon E5-2643 v4
  • Intel Xeon E5-2640 v4
  • Intel Xeon E5-2637 v4
  • Intel Xeon E5-2630 v4
  • Intel Xeon E5-2630L v4
  • Intel Xeon E5-2628L v4
  • Intel Xeon E5-2623 v4
  • Intel Xeon E5-2620 v4
  • Intel Xeon E5-2618L v4
  • Intel Xeon E5-2609 v4
  • Intel Xeon E5-2608L v4
  • Intel Xeon E5-2607 v4
  • Intel Xeon E5-2603 v4
  • Intel Xeon E5-1680 v4
  • Intel Xeon E5-1660 v4
  • Intel Xeon E5-1650 v4
  • Intel Xeon E5-1630 v4
  • Intel Xeon E5-1620 v4
  • Intel Xeon E5-1607 v4
  • Intel Xeon E5-1603 v4

Intel Skylake-DT (2015)

  • Intel Xeon E5-1280 v5
  • Intel Xeon E5-1275 v5
  • Intel Xeon E5-1270 v5
  • Intel Xeon E5-1268L v5
  • Intel Xeon E5-1260L v5
  • Intel Xeon E5-1245 v5
  • Intel Xeon E5-1240 v5
  • Intel Xeon E5-1240L v5
  • Intel Xeon E5-1235L v5
  • Intel Xeon E5-1230 v5
  • Intel Xeon E5-1225 v5
  • Intel Xeon E5-1220 v5

Intel Broadwell-H (2015)

  • Intel Xeon E3-1285 v4
  • Intel Xeon E3-1285L v4
  • Intel Xeon E3-1284L v4
  • Intel Xeon E3-1278L v4
  • Intel Xeon E3-1270L v4
  • Intel Xeon E3-1265L v4
  • Intel Xeon E3-1258L v4

Intel Broadwell-DE (2015)

  • Intel Xeon D-1587
  • Intel Xeon D-1581
  • Intel Xeon D-1577
  • Intel Xeon D-1571
  • Intel Xeon D-1567
  • Intel Xeon D-1559
  • Intel Xeon D-1557
  • Intel Xeon D-1553N
  • Intel Xeon D-1548
  • Intel Xeon D-1543N
  • Intel Xeon D-1541
  • Intel Xeon D-1540
  • Intel Xeon D-1539
  • Intel Xeon D-1537
  • Intel Xeon D-1533N
  • Intel Xeon D-1531
  • Intel Xeon D-1529
  • Intel Xeon D-1528
  • Intel Xeon D-1527
  • Intel Xeon D-1523N
  • Intel Xeon D-1521
  • Intel Xeon D-1520
  • Intel Xeon D-1518
  • Intel Xeon D-1513N
  • Intel Pentium D1519
  • Intel Pentium D1517
  • Intel Pentium D1509
  • Intel Pentium D1508
  • Intel Pentium D1507

Intel Haswell-EX (2015)

  • Intel Xeon E7-8895 v3
  • Intel Xeon E7-8893 v3
  • Intel Xeon E7-8891 v3
  • Intel Xeon E7-8890 v3
  • Intel Xeon E7-8880 v3
  • Intel Xeon E7-8880L v3
  • Intel Xeon E7-8870 v3
  • Intel Xeon E7-8867 v3
  • Intel Xeon E7-8860 v3
  • Intel Xeon E7-4850 v3
  • Intel Xeon E7-4830 v3
  • Intel Xeon E7-4820 v3
  • Intel Xeon E7-4809 v3

Intel Haswell-EN (2015)

  • Intel Xeon E5-2438L v3
  • Intel Xeon E5-2428L v3
  • Intel Xeon E5-2418L v3
  • Intel Xeon E5-2408L v3
  • Intel Xeon E5-1428L v3

Intel Haswell-EP (2014)

  • Intel Xeon E5-4669 v3
  • Intel Xeon E5-4667 v3
  • Intel Xeon E5-4660 v3
  • Intel Xeon E5-4655 v3
  • Intel Xeon E5-4650 v3
  • Intel Xeon E5-4648 v3
  • Intel Xeon E5-4640 v3
  • Intel Xeon E5-4627 v3
  • Intel Xeon E5-4620 v3
  • Intel Xeon E5-4610 v3
  • Intel Xeon E5-2699 v3
  • Intel Xeon E5-2698 v3
  • Intel Xeon E5-2698A v3
  • Intel Xeon E5-2698B v3
  • Intel Xeon E5-2697 v3
  • Intel Xeon E5-2696 v3
  • Intel Xeon E5-2695 v3
  • Intel Xeon E5-2693 v3
  • Intel Xeon E5-2692 v3
  • Intel Xeon E5-2695 v3
  • Intel Xeon E5-2690 v3
  • Intel Xeon E5-2687W v3
  • Intel Xeon E5-2685 v3
  • Intel Xeon E5-2683 v3
  • Intel Xeon E5-2680 v3
  • Intel Xeon E5-2678 v3
  • Intel Xeon E5-2676 v3
  • Intel Xeon E5-2675 v3
  • Intel Xeon E5-2673 v3
  • Intel Xeon E5-2670 v3
  • Intel Xeon E5-2669 v3
  • Intel Xeon E5-2667 v3
  • Intel Xeon E5-2666 v3
  • Intel Xeon E5-2663 v3
  • Intel Xeon E5-2660 v3
  • Intel Xeon E5-2658 v3
  • Intel Xeon E5-2658A v3
  • Intel Xeon E5-2652 v3
  • Intel Xeon E5-2650 v3
  • Intel Xeon E5-2650L v3
  • Intel Xeon E5-2649 v3
  • Intel Xeon E5-2643 v3
  • Intel Xeon E5-2640 v3
  • Intel Xeon E5-2648L v3
  • Intel Xeon E5-2637 v3
  • Intel Xeon E5-2630 v3
  • Intel Xeon E5-2630L v3
  • Intel Xeon E5-2629 v3
  • Intel Xeon E5-2628 v3
  • Intel Xeon E5-2628L v3
  • Intel Xeon E5-2623 v3
  • Intel Xeon E5-2622 v3
  • Intel Xeon E5-2620 v3
  • Intel Xeon E5-2618L v3
  • Intel Xeon E5-2609 v3
  • Intel Xeon E5-2608L v3
  • Intel Xeon E5-2603 v3
  • Intel Xeon E5-1691 v3
  • Intel Xeon E5-1686 v3
  • Intel Xeon E5-1681 v3
  • Intel Xeon E5-1680 v3
  • Intel Xeon E5-1660 v3
  • Intel Xeon E5-1650 v3
  • Intel Xeon E5-1630 v3
  • Intel Xeon E5-1620 v3
  • Intel Xeon E5-1607 v3
  • Intel Xeon E5-1603 v3

Intel Ivy Bridge-EN (2014)

  • Intel Xeon E5-2470 v2
  • Intel Xeon E5-2450 v2
  • Intel Xeon E5-2450L v2
  • Intel Xeon E5-2448L v2
  • Intel Xeon E5-2440 v2
  • Intel Xeon E5-2430 v2
  • Intel Xeon E5-2430L v2
  • Intel Xeon E5-2428L v2
  • Intel Xeon E5-2420 v2
  • Intel Xeon E5-2418L v2
  • Intel Xeon E5-2407 v2
  • Intel Xeon E5-2403 v2
  • Intel Xeon E5-1428L v2
  • Intel Xeon E5-1410 v2

Intel Ivy Bridge-EX (2014)

  • Intel Xeon E7-8895 v2
  • Intel Xeon E7-8893 v2
  • Intel Xeon E7-8891 v2
  • Intel Xeon E7-8890 v2
  • Intel Xeon E7-8880 v2
  • Intel Xeon E7-8880L v2
  • Intel Xeon E7-8870 v2
  • Intel Xeon E7-8857 v2
  • Intel Xeon E7-8850 v2
  • Intel Xeon E7-4890 v2
  • Intel Xeon E7-4880 v2
  • Intel Xeon E7-4870 v2
  • Intel Xeon E7-4860 v2
  • Intel Xeon E7-4850 v2
  • Intel Xeon E7-4830 v2
  • Intel Xeon E7-4820 v2
  • Intel Xeon E7-4809 v2
  • Intel Xeon E7-2890 v2
  • Intel Xeon E7-2880 v2
  • Intel Xeon E7-2870 v2
  • Intel Xeon E7-2850 v2

Intel Rangeley (2013)

  • Intel Atom C2758
  • Intel Atom C2738
  • Intel Atom C2718
  • Intel Atom C2558
  • Intel Atom C2538
  • Intel Atom C2518
  • Intel Atom C2516
  • Intel Atom C2508
  • Intel Atom C2358
  • Intel Atom C2338
  • Intel Atom C2316
  • Intel Atom C2308

Intel Avoton (2013)

  • Intel Atom C2750
  • Intel Atom C2730
  • Intel Atom C2550
  • Intel Atom C2530
  • Intel Atom C2350

Intel Haswell-WS (2013)

  • Intel Xeon E3-1286 v3
  • Intel Xeon E3-1286L v3
  • Intel Xeon E3-1285 v3
  • Intel Xeon E3-1285L v3
  • Intel Xeon E3-1284L v3
  • Intel Xeon E3-1281 v3
  • Intel Xeon E3-1280 v3
  • Intel Xeon E3-1276 v3
  • Intel Xeon E3-1275 v3
  • Intel Xeon E3-1275L v3
  • Intel Xeon E3-1271 v3
  • Intel Xeon E3-1270 v3
  • Intel Xeon E3-1268L v3
  • Intel Xeon E3-1265L v3
  • Intel Xeon E3-1246 v3
  • Intel Xeon E3-1245 v3
  • Intel Xeon E3-1241 v3
  • Intel Xeon E3-1240 v3
  • Intel Xeon E3-1240L v3
  • Intel Xeon E3-1230L v3
  • Intel Xeon E3-1231 v3
  • Intel Xeon E3-1230 v3
  • Intel Xeon E3-1226 v3
  • Intel Xeon E3-1225 v3
  • Intel Xeon E3-1220 v3
  • Intel Xeon E3-1220L v3

Intel Ivy Bridge-EP (2013)

  • Intel Xeon E5-4657L v2
  • Intel Xeon E5-4650 v2
  • Intel Xeon E5-4640 v2
  • Intel Xeon E5-4627 v2
  • Intel Xeon E5-4624L v2
  • Intel Xeon E5-4620 v2
  • Intel Xeon E5-4610 v2
  • Intel Xeon E5-4607 v2
  • Intel Xeon E5-4603 v2
  • Intel Xeon E5-2697 v2
  • Intel Xeon E5-2696 v2
  • Intel Xeon E5-2695 v2
  • Intel Xeon E5-2692 v2
  • Intel Xeon E5-2690 v2
  • Intel Xeon E5-2687W v2
  • Intel Xeon E5-2680 v2
  • Intel Xeon E5-2673 v2
  • Intel Xeon E5-2670 v2
  • Intel Xeon E5-2667 v2
  • Intel Xeon E5-2660 v2
  • Intel Xeon E5-2658 v2
  • Intel Xeon E5-2651 v2
  • Intel Xeon E5-2650 v2
  • Intel Xeon E5-2650L v2
  • Intel Xeon E5-2648L v2
  • Intel Xeon E5-2643 v2
  • Intel Xeon E5-2640 v2
  • Intel Xeon E5-2637 v2
  • Intel Xeon E5-2630 v2
  • Intel Xeon E5-2630L v2
  • Intel Xeon E5-2628L v2
  • Intel Xeon E5-2620 v2
  • Intel Xeon E5-2618L v2
  • Intel Xeon E5-2609 v2
  • Intel Xeon E5-2603 v2
  • Intel Xeon E5-1680 v2
  • Intel Xeon E5-1660 v2
  • Intel Xeon E5-1650 v2
  • Intel Xeon E5-1620 v2
  • Intel Xeon E5-1607 v2

Intel Gladden – Ivy Bridge (2013)

  • Intel Xeon E3-1135C v2
  • Intel Xeon E3-1125C v2
  • Intel Xeon E3-1105C v2

Intel Ivy Bridge (2012)

  • Intel Xeon E-1290 v2
  • Intel Xeon E-1280 v2
  • Intel Xeon E-1275 v2
  • Intel Xeon E-1270 v2
  • Intel Xeon E-1265L v2
  • Intel Xeon E-1245 v2
  • Intel Xeon E-1240 v2
  • Intel Xeon E-1230 v2
  • Intel Xeon E-1225 v2
  • Intel Xeon E-1220 v2
  • Intel Xeon E-1220L v2
  • Intel Pentium 1405 v2
  • Intel Pentium 1403 v2

Intel Sandy Bridge-EP (2012)

  • Intel Xeon E5-4650
  • Intel Xeon E5-4650L
  • Intel Xeon E5-4640
  • Intel Xeon E5-4620
  • Intel Xeon E5-4617
  • Intel Xeon E5-4610
  • Intel Xeon E5-4607
  • Intel Xeon E5-4603
  • Intel Xeon E5-2690
  • Intel Xeon E5-2689
  • Intel Xeon E5-2687W
  • Intel Xeon E5-2680
  • Intel Xeon E5-2670
  • Intel Xeon E5-2667
  • Intel Xeon E5-2665
  • Intel Xeon E5-2660
  • Intel Xeon E5-2658
  • Intel Xeon E5-2650
  • Intel Xeon E5-2650L
  • Intel Xeon E5-2648L
  • Intel Xeon E5-2643
  • Intel Xeon E5-2640
  • Intel Xeon E5-2637
  • Intel Xeon E5-2630
  • Intel Xeon E5-2630L
  • Intel Xeon E5-2628L
  • Intel Xeon E5-2620
  • Intel Xeon E5-2618L
  • Intel Xeon E5-2609
  • Intel Xeon E5-2603
  • Intel Xeon E5-1660
  • Intel Xeon E5-1650
  • Intel Xeon E5-1620
  • Intel Xeon E5-1607
  • Intel Xeon E5-1603

Intel Sandy Bridge-EN (2012)

  • Intel Xeon E5-2470
  • Intel Xeon E5-2450
  • Intel Xeon E5-2450L
  • Intel Xeon E5-2449L
  • Intel Xeon E5-2448L
  • Intel Xeon E5-2440
  • Intel Xeon E5-2430
  • Intel Xeon E5-2430L
  • Intel Xeon E5-2428L
  • Intel Xeon E5-2420
  • Intel Xeon E5-2418L
  • Intel Xeon E5-2407
  • Intel Xeon E5-2403
  • Intel Xeon E5-1428L
  • Intel Xeon E5-1410

Intel Gladden – Sandy Bridge (2012)

  • Intel Xeon E3-1125C
  • Intel Xeon E3-1105C

Intel Sandy Bridge (2011)

  • Intel Xeon E3-1290
  • Intel Xeon E3-1280
  • Intel Xeon E3-1275
  • Intel Xeon E3-1270
  • Intel Xeon E3-1260L
  • Intel Xeon E3-1245
  • Intel Xeon E3-1240
  • Intel Xeon E3-1235
  • Intel Xeon E3-1230
  • Intel Xeon E3-1225
  • Intel Xeon E3-1220
  • Intel Xeon E3-1220L
  • Intel Pentium 1407
  • Intel Pentium 1405
  • Intel Pentium 1403
  • Intel Pentium 350

Intel Westmere-EX (2011)

  • Intel Xeon E7-8870
  • Intel Xeon E7-8867L
  • Intel Xeon E7-8860
  • Intel Xeon E7-8850
  • Intel Xeon E7-8837
  • Intel Xeon E7-8830
  • Intel Xeon E7-4870
  • Intel Xeon E7-4860
  • Intel Xeon E7-4850
  • Intel Xeon E7-4830
  • Intel Xeon E7-4820
  • Intel Xeon E7-4807
  • Intel Xeon E7-2870
  • Intel Xeon E7-2860
  • Intel Xeon E7-2850
  • Intel Xeon E7-2830
  • Intel Xeon E7-2820
  • Intel Xeon E7-2803

Intel Gulftown (2010)

  • Intel Xeon W3690
  • Intel Xeon W3580
  • Intel Xeon W3570

Intel Clarksdale (2010)

  • Intel Xeon L3406
  • Intel Xeon L3403

Intel Jasper Forest (2010)

  • Intel Xeon EC5549
  • Intel Xeon EC5539
  • Intel Xeon EC5509
  • Intel Xeon LC5528
  • Intel Xeon LC5518
  • Intel Xeon EC3539
  • Intel Xeon LC3528
  • Intel Xeon LC3518

Intel Beckton (2010)

  • Intel Xeon X7560
  • Intel Xeon L7555
  • Intel Xeon X7550
  • Intel Xeon L7545
  • Intel Xeon X7542
  • Intel Xeon E7540
  • Intel Xeon E7530
  • Intel Xeon E7520
  • Intel Xeon X6550
  • Intel Xeon E6540
  • Intel Xeon E6510

Intel Westmere-EP (2010)

  • Intel Xeon X5698
  • Intel Xeon X5690
  • Intel Xeon X5687
  • Intel Xeon X5680
  • Intel Xeon X5679
  • Intel Xeon X5677
  • Intel Xeon X5675
  • Intel Xeon X5672
  • Intel Xeon X5670
  • Intel Xeon X5667
  • Intel Xeon X5660
  • Intel Xeon X5650
  • Intel Xeon E5649
  • Intel Xeon X5647
  • Intel Xeon E5645
  • Intel Xeon L5645
  • Intel Xeon E5640
  • Intel Xeon L5640
  • Intel Xeon L5639
  • Intel Xeon E5630
  • Intel Xeon L5638
  • Intel Xeon E5620
  • Intel Xeon E5607
  • Intel Xeon E5606
  • Intel Xeon E5603

Intel Gainestown (2009)

  • Intel Xeon W5590
  • Intel Xeon W5580
  • Intel Xeon X5570
  • Intel Xeon X5560
  • Intel Xeon X5550
  • Intel Xeon E5540
  • Intel Xeon E5530
  • Intel Xeon L5530
  • Intel Xeon E5520
  • Intel Xeon L5520
  • Intel Xeon L5518
  • Intel Xeon L5508
  • Intel Xeon E5507
  • Intel Xeon E5506
  • Intel Xeon L5506
  • Intel Xeon E5504
  • Intel Xeon E5503
  • Intel Xeon E5502

Intel Lynnfield (2009)

  • Intel Xeon X3480
  • Intel Xeon X3470
  • Intel Xeon X3460
  • Intel Xeon X3450
  • Intel Xeon X3440
  • Intel Xeon X3430
  • Intel Xeon L3426

Intel Bloomfield (2009)

  • Intel Xeon W3580
  • Intel Xeon W3570
  • Intel Xeon W3565
  • Intel Xeon W3550
  • Intel Xeon W3540
  • Intel Xeon W3530
  • Intel Xeon W3520
  • Intel Xeon W3505
  • Intel Xeon W3503

Intel Yorkfield (2008-2009)

  • Intel Xeon X3380
  • Intel Xeon L3380
  • Intel Xeon X3370
  • Intel Xeon X3360
  • Intel Xeon X3350

Intel Wolfdale (2008-2009)

  • Intel Xeon E3120
  • Intel Xeon E3110
  • Intel Xeon L3110

Intel Dunnington (2008)

  • Intel Xeon X7460
  • Intel Xeon E7458
  • Intel Xeon L7455
  • Intel Xeon E7450
  • Intel Xeon L7445
  • Intel Xeon E7440
  • Intel Xeon E7430
  • Intel Xeon E7420

Intel Yorkfield-6M (2008)

  • Intel Xeon X3330
  • Intel Xeon X3320

Intel Yorkfield-CL (2008)

  • Intel Xeon X3363
  • Intel Xeon X3353
  • Intel Xeon X3323
  • Intel Xeon X3113
  • Intel Xeon L3014

Intel Harpertown (2007-2008)

  • Intel Xeon X5492
  • Intel Xeon X5482
  • Intel Xeon X5472
  • Intel Xeon E5472
  • Intel Xeon E5462
  • Intel Xeon X5470
  • Intel Xeon X5460
  • Intel Xeon X5450
  • Intel Xeon E5450
  • Intel Xeon E5440
  • Intel Xeon E5430
  • Intel Xeon L5430
  • Intel Xeon E5420
  • Intel Xeon L5420
  • Intel Xeon E5410
  • Intel Xeon L5410
  • Intel Xeon L5408
  • Intel Xeon E5405

Intel Wolfdale-DP (2007-2008)

  • Intel Xeon X5272
  • Intel Xeon X5270
  • Intel Xeon X5260
  • Intel Xeon L5248
  • Intel Xeon X5240
  • Intel Xeon L5240
  • Intel Xeon L5238
  • Intel Xeon X5220
  • Intel Xeon L5215
  • Intel Xeon X5205

Intel Tigerton (2007)

  • Intel Xeon X7350
  • Intel Xeon L7345
  • Intel Xeon E7340
  • Intel Xeon E7330
  • Intel Xeon E7320
  • Intel Xeon E7310
  • Intel Xeon E7220
  • Intel Xeon E7210

Intel Kentsfield (2007)

  • Intel Xeon X3230
  • Intel Xeon X3220
  • Intel Xeon X3210

Intel Allendale (2007)

  • Intel Xeon 3050
  • Intel Xeon 3040

Intel Clovertown (2006-2007)

  • Intel Xeon X5365
  • Intel Xeon X5355
  • Intel Xeon X5350
  • Intel Xeon E5350
  • Intel Xeon E5345
  • Intel Xeon E5340
  • Intel Xeon E5335
  • Intel Xeon L5335
  • Intel Xeon E5330
  • Intel Xeon E5320
  • Intel Xeon L5320
  • Intel Xeon L5318
  • Intel Xeon E5310
  • Intel Xeon L5310

Intel Conroe (2006-2007)

  • Intel Xeon 3085
  • Intel Xeon 3075
  • Intel Xeon 3070
  • Intel Xeon 3065
  • Intel Xeon 3060
  • Intel Xeon 3050
  • Intel Xeon 3040

Intel Woodcrest (2006)

  • Intel Xeon 5160
  • Intel Xeon 5150
  • Intel Xeon LV 5148
  • Intel Xeon 5140
  • Intel Xeon LV 5138
  • Intel Xeon LV 5133
  • Intel Xeon 5130
  • Intel Xeon LV 5128
  • Intel Xeon 5120
  • Intel Xeon LV 5113
  • Intel Xeon 5110


Intel Desktop CPUs Vulnerable To Meltdown + Spectre

Affected Variants: These Intel CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

Intel Coffee Lake-S (2017)

  • Intel Core i7-8700K
  • Intel Core i7-8700
  • Intel Core i5-8600K
  • Intel Core i5-8400
  • Intel Core i3-8350K
  • Intel Core i3-8100

Intel Gemini Lake (2017)

  • Intel Pentium Silver J5005
  • Intel Celeron J4105
  • Intel Celeron J4005

Intel Denverton (2017)

  • Intel Celeron C3958
  • Intel Celeron C3955
  • Intel Celeron C3950
  • Intel Celeron C3858
  • Intel Celeron C3850
  • Intel Celeron C3830
  • Intel Celeron C3808
  • Intel Celeron C3758
  • Intel Celeron C3750
  • Intel Celeron C3708
  • Intel Celeron C3558
  • Intel Celeron C3538
  • Intel Celeron C3508
  • Intel Celeron C3338
  • Intel Celeron C3308

Intel Kaby Lake-X (2017)

  • Intel Core i7-7740X
  • Intel Core i5-7640X

Intel Kaby Lake-S (2017)

  • Intel Core i7-7700K
  • Intel Core i7-7700
  • Intel Core i7-7700T
  • Intel Core i5-7600K
  • Intel Core i5-7600
  • Intel Core i5-7600T
  • Intel Core i5-7500
  • Intel Core i5-7500T
  • Intel Core i5-7400
  • Intel Core i5-7400T
  • Intel Core i3-7350K
  • Intel Core i3-7320
  • Intel Core i3-7300
  • Intel Core i3-7300T
  • Intel Core i3-7101T
  • Intel Core i3-7101TE
  • Intel Core i3-7100
  • Intel Core i3-7100T
  • Intel Pentium G4620
  • Intel Pentium G4600
  • Intel Pentium G4600T
  • Intel Pentium G4560
  • Intel Pentium G4560T
  • Intel Celeron G3950
  • Intel Celeron G3930
  • Intel Celeron G3930T
  • Intel Celeron G3930E
  • Intel Celeron G3930TE

Intel Skylake-X (2017)

  • Intel Core i9-7980XE
  • Intel Core i9-7960X
  • Intel Core i9-7940X
  • Intel Core i9-7920X
  • Intel Core i9-7900X
  • Intel Core i7-7820X
  • Intel Core i7-7800X

Intel Apollo Lake (2016)

  • Intel Pentium J4205
  • Intel Pentium J3455
  • Intel Pentium J3355
  • Intel Celeron J3455
  • Intel Celeron J3355
  • Intel Atom x5-E3950
  • Intel Atom x5-E3940
  • Intel Atom x5-E3930

Intel Skylake-H (2016)

  • Intel Core i7-6785R
  • Intel Core i5-6685R
  • Intel Core i5-6585R

Intel Braswell (2016)

  • Intel Pentium J3710
  • Intel Celeron J3160
  • Intel Celeron J3060
  • Intel Atom x5-E8000

Intel Broadwell-E (2016)

  • Intel Core i7-6950X
  • Intel Core i7-6900K
  • Intel Core i7-6850X
  • Intel Core i7-6800X

Intel Skylake-S (2015)

  • Intel Core i7-6700K
  • Intel Core i7-6700
  • Intel Core i7-6700T
  • Intel Core i7-6700TE
  • Intel Core i5-6600K
  • Intel Core i5-6600
  • Intel Core i5-6600T
  • Intel Core i5-6500
  • Intel Core i5-6500T
  • Intel Core i5-6500TE
  • Intel Core i5-6402P
  • Intel Core i5-6400
  • Intel Core i5-6400T
  • Intel Core i3-6320
  • Intel Core i3-6300
  • Intel Core i3-6300T
  • Intel Core i3-6100
  • Intel Core i3-6100T
  • Intel Core i3-6100TE
  • Intel Core i3-6098P
  • Intel Pentium G4520
  • Intel Pentium G4500
  • Intel Pentium G4500T
  • Intel Pentium G4400
  • Intel Pentium G4400T
  • Intel Pentium G4400TE
  • Intel Celeron G3920
  • Intel Celeron G3902E
  • Intel Celeron G3900
  • Intel Celeron G3900T
  • Intel Celeron G3900E
  • Intel Celeron G3900TE

Intel Broadwell-H (2015)

  • Intel Core i7-5775C
  • Intel Core i7-5775R
  • Intel Core i5-5675R
  • Intel Core i5-5675C
  • Intel Core i5-5575R

Intel Haswell-E (2014)

  • Intel Core i7-5960X
  • Intel Core i7-5930K
  • Intel Core i7-5820K

Intel Haswell-H (2013)

  • Intel Core i7-4770R
  • Intel Core i5-4670R
  • Intel Core i5-4570R

Intel Haswell-DT (2013)

  • Intel Core i7-4790K
  • Intel Core i7-4790
  • Intel Core i7-4790S
  • Intel Core i7-4790T
  • Intel Core i7-4785T
  • Intel Core i7-4771
  • Intel Core i7-4770K
  • Intel Core i7-4770
  • Intel Core i7-4770S
  • Intel Core i7-4770T
  • Intel Core i7-4770TE
  • Intel Core i7-4765T
  • Intel Core i5-4690K
  • Intel Core i5-4690
  • Intel Core i5-4690S
  • Intel Core i5-4690T
  • Intel Core i5-4670K
  • Intel Core i5-4670
  • Intel Core i5-4670S
  • Intel Core i5-4670T
  • Intel Core i5-4590
  • Intel Core i5-4590S
  • Intel Core i5-4590T
  • Intel Core i5-4570
  • Intel Core i5-4570S
  • Intel Core i5-4570T
  • Intel Core i5-4570TE
  • Intel Core i5-4460
  • Intel Core i5-4460S
  • Intel Core i5-4460T
  • Intel Core i5-4440
  • Intel Core i5-4440S
  • Intel Core i5-4430
  • Intel Core i5-4430S
  • Intel Core i3-4370
  • Intel Core i3-4370T
  • Intel Core i3-4360
  • Intel Core i3-4360T
  • Intel Core i3-4350
  • Intel Core i3-4350T
  • Intel Core i3-4340
  • Intel Core i3-4340TE
  • Intel Core i3-4330
  • Intel Core i3-4330T
  • Intel Core i3-4330TE
  • Intel Core i3-4170
  • Intel Core i3-4170T
  • Intel Core i3-4160
  • Intel Core i3-4160T
  • Intel Core i3-4150
  • Intel Core i3-4150T
  • Intel Core i3-4130
  • Intel Core i3-4130T
  • Intel Pentium G3470
  • Intel Pentium G3460
  • Intel Pentium G3460T
  • Intel Pentium G3450
  • Intel Pentium G3450T
  • Intel Pentium G3440
  • Intel Pentium G3440T
  • Intel Pentium G3430
  • Intel Pentium G3420
  • Intel Pentium G3420T
  • Intel Pentium G3320TE
  • Intel Pentium G3260
  • Intel Pentium G3260T
  • Intel Pentium G3258
  • Intel Pentium G3250
  • Intel Pentium G3250T
  • Intel Pentium G3240
  • Intel Pentium G3240T
  • Intel Pentium G3220
  • Intel Pentium G3220T
  • Intel Celeron G1850
  • Intel Celeron G1840
  • Intel Celeron G1840T
  • Intel Celeron G1830
  • Intel Celeron G1820
  • Intel Celeron G1820T
  • Intel Celeron G1820TE

Intel Bay Trail-D (2013)

  • Intel Celeron J1900
  • Intel Celeron J1850
  • Intel Celeron J1800
  • Intel Celeron J1750

Intel Bay Trail-I (2013)

  • Intel Atom E3845
  • Intel Atom E3827
  • Intel Atom E3826
  • Intel Atom E3825
  • Intel Atom E3815
  • Intel Atom E3805

Intel Ivy Bridge-E (2012)

  • Intel Core i7-4960X
  • Intel Core i7-4960K
  • Intel Core i7-4820K

Intel Ivy Bridge (2012)

  • Intel Core i7-3770K
  • Intel Core i7-3770
  • Intel Core i7-3770S
  • Intel Core i7-3770T
  • Intel Core i5-3570K
  • Intel Core i5-3570
  • Intel Core i5-3570S
  • Intel Core i5-3570T
  • Intel Core i5-3550
  • Intel Core i5-3550S
  • Intel Core i5-3475S
  • Intel Core i5-3470
  • Intel Core i5-3470S
  • Intel Core i5-3470T
  • Intel Core i5-3450
  • Intel Core i5-3450S
  • Intel Core i5-3350P
  • Intel Core i5-3440
  • Intel Core i5-3440S
  • Intel Core i5-3335S
  • Intel Core i5-3330
  • Intel Core i5-3330S
  • Intel Core i3-3250
  • Intel Core i3-3250T
  • Intel Core i3-3245
  • Intel Core i3-3240
  • Intel Core i3-3240T
  • Intel Core i3-3225
  • Intel Core i3-3220
  • Intel Core i3-3220T
  • Intel Core i3-3210
  • Intel Pentium G2140
  • Intel Pentium G2130
  • Intel Pentium G2120
  • Intel Pentium G2120T
  • Intel Pentium G2100T
  • Intel Pentium G2030
  • Intel Pentium G2030T
  • Intel Pentium G2020
  • Intel Pentium G2020T
  • Intel Pentium G2010
  • Intel Celeron G1630
  • Intel Celeron G1620
  • Intel Celeron G1620T
  • Intel Celeron G1610
  • Intel Celeron G1610T

Intel Sandy Bridge-E (2011)

  • Intel Core i7-3970X
  • Intel Core i7-3960K
  • Intel Core i7-3930K
  • Intel Core i7-3820

Intel Sandy Bridge (2011)

  • Intel Core i7-2700K
  • Intel Core i7-2600K
  • Intel Core i7-2600
  • Intel Core i7-2600S
  • Intel Core i5-2550K
  • Intel Core i5-2500K
  • Intel Core i5-2500
  • Intel Core i5-2500S
  • Intel Core i5-2500T
  • Intel Core i5-2450P
  • Intel Core i5-2405S
  • Intel Core i5-2400
  • Intel Core i5-2400S
  • Intel Core i5-2390T
  • Intel Core i5-2370P
  • Intel Core i5-2320
  • Intel Core i5-2310
  • Intel Core i5-2300
  • Intel Core i3-2130
  • Intel Core i3-2125
  • Intel Core i3-2120
  • Intel Core i3-2120T
  • Intel Core i3-2105
  • Intel Core i3-2102
  • Intel Core i3-2100
  • Intel Core i3-2100T
  • Intel Pentium G870
  • Intel Pentium G860
  • Intel Pentium G860T
  • Intel Pentium G850
  • Intel Pentium G840
  • Intel Pentium G645
  • Intel Pentium G645T
  • Intel Pentium G640
  • Intel Pentium G640T
  • Intel Pentium G632
  • Intel Pentium G630
  • Intel Pentium G630T
  • Intel Pentium G622
  • Intel Pentium G620
  • Intel Pentium G620T
  • Intel Celeron G555
  • Intel Celeron G550
  • Intel Celeron G550T
  • Intel Celeron G540
  • Intel Celeron G540T
  • Intel Celeron G530
  • Intel Celeron G530T
  • Intel Celeron G470
  • Intel Celeron G465
  • Intel Celeron G460
  • Intel Celeron G440

Intel Gulftown (2010)

  • Intel Core i7-990X
  • Intel Core i7-980X
  • Intel Core i7-980
  • Intel Core i7-970

Intel Clarksdale (2010)

  • Intel Core i5-680
  • Intel Core i5-670
  • Intel Core i5-661
  • Intel Core i5-660
  • Intel Core i5-655K
  • Intel Core i5-650
  • Intel Core i3-560
  • Intel Core i3-550
  • Intel Core i3-540
  • Intel Core i3-530
  • Intel Pentium G6960
  • Intel Pentium G6951
  • Intel Pentium G6950
  • Intel Celeron G1101

Intel Lynnfield (2009)

  • Intel Core i7-880
  • Intel Core i7-875K
  • Intel Core i7-870
  • Intel Core i7-870S
  • Intel Core i7-860
  • Intel Core i7-860S
  • Intel Core i5-760
  • Intel Core i5-750
  • Intel Core i5-750S

Intel Bloomfield (2008)

  • Intel Core i7-975 Extreme Edition
  • Intel Core i7-965 Extreme Edition
  • Intel Core i7-960
  • Intel Core i7-950
  • Intel Core i7-940
  • Intel Core i7-930
  • Intel Core i7-920

Intel Yorkfield-6M (2008-2010)

  • Intel Core 2 Quad Q9705
  • Intel Core 2 Quad Q9700
  • Intel Core 2 Quad Q9505S
  • Intel Core 2 Quad Q9505
  • Intel Core 2 Quad Q9500
  • Intel Core 2 Quad Q9400S
  • Intel Core 2 Quad Q9400
  • Intel Core 2 Quad Q9300
  • Intel Core 2 Quad Q8400S
  • Intel Core 2 Quad Q8400
  • Intel Core 2 Quad Q8300
  • Intel Core 2 Quad Q8200S
  • Intel Core 2 Quad Q8200

Intel Yorkfield (2008-2009)

  • Intel Core 2 Quad Q9650
  • Intel Core 2 Quad Q9550S
  • Intel Core 2 Quad Q9550
  • Intel Core 2 Quad Q9450S
  • Intel Core 2 Quad Q9450

Intel Wolfdale (2008-2009)

  • Intel Core 2 Duo E8700
  • Intel Core 2 Duo E8600
  • Intel Core 2 Duo E8500
  • Intel Core 2 Duo E8400
  • Intel Core 2 Duo E8300
  • Intel Core 2 Duo E8290
  • Intel Core 2 Duo E8200
  • Intel Core 2 Duo E8190

Intel Wolfdale-3M (2008-2010)

  • Intel Core 2 Duo E7600
  • Intel Core 2 Duo E7500
  • Intel Core 2 Duo E7400
  • Intel Core 2 Duo E7300
  • Intel Core 2 Duo E7200
  • Intel Pentium E6800
  • Intel Pentium E6700
  • Intel Pentium E6600
  • Intel Pentium E6500K
  • Intel Pentium E6500
  • Intel Pentium E6300
  • Intel Pentium E5800
  • Intel Pentium E5700
  • Intel Pentium E5500
  • Intel Pentium E5400
  • Intel Pentium E5300
  • Intel Pentium Dual-Core E5300
  • Intel Pentium E5200
  • Intel Pentium Dual-Core E5200
  • Intel Pentium Dual-Core E2210
  • Intel Celeron E3500
  • Intel Celeron E3400
  • Intel Celeron E3300
  • Intel Celeron E3200

Intel Allendale (2008-2009)

  • Intel Celeron E1600
  • Intel Celeron E1500
  • Intel Celeron E1400
  • Intel Celeron E1200

Intel Yorkfield-XE (2007-2008)

  • Intel Core 2 Extreme QX9775
  • Intel Core 2 Extreme QX9770
  • Intel Core 2 Extreme QX9650

Intel Conroe-L (2007-2008)

  • Intel Celeron 450
  • Intel Celeron 445
  • Intel Celeron 430
  • Intel Celeron 420
  • Intel Celeron 220

Intel Kentsfield (2007)

  • Intel Core 2 Quad Q6700
  • Intel Core 2 Quad Q6600
  • Intel Core 2 Quad Q6400

Intel Conroe-CL (2007)

  • Intel Core 2 Duo E6405
  • Intel Core 2 Duo E6305
  • Intel Celeron 445

Intel Conroe (2006-2008)

  • Intel Core 2 Duo E6850
  • Intel Core 2 Duo E6750
  • Intel Core 2 Duo E6700
  • Intel Core 2 Duo E6600
  • Intel Core 2 Duo E6550
  • Intel Core 2 Duo E6540
  • Intel Core 2 Duo E6420
  • Intel Core 2 Duo E6400
  • Intel Core 2 Duo E6320
  • Intel Core 2 Duo E6300
  • Intel Core 2 Duo E4700
  • Intel Core 2 Duo E4600
  • Intel Core 2 Duo E4500
  • Intel Core 2 Duo E4400
  • Intel Core 2 Duo E4300
  • Intel Pentium Dual-Core E2220
  • Intel Pentium Dual-Core E2200
  • Intel Pentium Dual-Core E2180
  • Intel Pentium Dual-Core E2160
  • Intel Pentium Dual-Core E2140

Intel Kentsfield-XE (2006-2007)

  • Intel Core 2 Extreme QX6850
  • Intel Core 2 Extreme QX6800
  • Intel Core 2 Extreme QX6700


Intel Mobile CPUs Vulnerable To Meltdown + Spectre

Affected Variants: These Intel CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

Intel Gemini Lake (2017)

  • Intel Pentium Silver N5000
  • Intel Celeron N4100
  • Intel Celeron N4000

Intel Apollo Lake (2016)

  • Intel Pentium N4200
  • Intel Celeron N3450
  • Intel Celeron N3350

Intel Kaby Lake Refresh (2017)

  • Intel Core i7-8650U
  • Intel Core i7-8550U
  • Intel Core i5-8350U
  • Intel Core i5-8250U

Intel Kaby Lake-Y (2017)

  • Intel Core i5-Y757
  • Intel Core i5-Y754
  • Intel Core m3-7Y32
  • Intel Core m3-7Y30
  • Intel Pentium 4415Y
  • Intel Pentium 4410Y
  • Intel Celeron 3965Y

Intel Kaby Lake-U (2017)

  • Intel Core i7-7660U
  • Intel Core i7-7600U
  • Intel Core i7-7567U
  • Intel Core i7-7560U
  • Intel Core i7-7500U
  • Intel Core i5-7360U
  • Intel Core i5-7300U
  • Intel Core i5-7287U
  • Intel Core i5-7367U
  • Intel Core i5-7260U
  • Intel Core i5-7200U
  • Intel Core i3-7167U
  • Intel Core i3-7130U
  • Intel Core i3-7100U
  • Intel Pentium 4415U
  • Intel Celeron 3965U
  • Intel Celeron 3865U

Intel Kaby Lake-H (2016)

  • Intel Core i7-7920HQ
  • Intel Core i7-7820HQ
  • Intel Core i7-7820HK
  • Intel Core i7-7820EQ
  • Intel Core i7-7700HQ
  • Intel Core i7-7Y75
  • Intel Core i5-7442HQ
  • Intel Core i5-7442EQ
  • Intel Core i5-7440HQ
  • Intel Core i5-7440EQ
  • Intel Core i3-7102E
  • Intel Core i3-7100H
  • Intel Core i3-7100E

Intel Skylake-H (2015)

  • Intel Core i7-6970HQ
  • Intel Core i7-6920HQ
  • Intel Core i7-6870HQ
  • Intel Core i7-6822EQ
  • Intel Core i7-6820HQ
  • Intel Core i7-6820HK
  • Intel Core i7-6820EQ
  • Intel Core i7-6770HQ
  • Intel Core i7-6700HQ
  • Intel Core i5-6442EQ
  • Intel Core i5-6440HQ
  • Intel Core i5-6440EQ
  • Intel Core i5-6350HQ
  • Intel Core i5-6300HQ
  • Intel Core i3-6102E
  • Intel Core i3-6100H
  • Intel Core i3-6100E

Intel Skylake-Y (2015)

  • Intel Core m3-6Y75
  • Intel Core m3-6Y57
  • Intel Core m3-6Y54
  • Intel Core m3-6Y30
  • Intel Pentium 4405Y

Intel Skylake-U (2015)

  • Intel Core i7-6660U
  • Intel Core i7-6650U
  • Intel Core i7-6600U
  • Intel Core i7-6567U
  • Intel Core i7-6560U
  • Intel Core i7-6500U
  • Intel Core i5-6360U
  • Intel Core i5-6300U
  • Intel Core i5-6287U
  • Intel Core i5-6267U
  • Intel Core i5-6260U
  • Intel Core i5-6200U
  • Intel Core i5-6198DU
  • Intel Core i3-6167U
  • Intel Core i3-6157U
  • Intel Core i3-6100U
  • Intel Core i3-6006U
  • Intel Celeron 3955U
  • Intel Celeron 3855U
  • Intel Pentium 4405U

Intel Broadwell-H (2015)

  • Intel Core i7-5950HQ
  • Intel Core i7-5850HQ
  • Intel Core i7-5850EQ
  • Intel Core i7-5750HQ
  • Intel Core i7-5700HQ
  • Intel Core i7-5700EQ
  • Intel Core i5-5350H

Intel Broadwell-U (2015)

  • Intel Core i7-5650U
  • Intel Core i7-5600U
  • Intel Core i7-5557U
  • Intel Core i7-5550U
  • Intel Core i7-5500U
  • Intel Core i5-5350U
  • Intel Core i5-5300U
  • Intel Core i5-5287U
  • Intel Core i5-5257U
  • Intel Core i5-5250U
  • Intel Core i5-5200U
  • Intel Core i3-5157U
  • Intel Core i3-5020U
  • Intel Core i3-5015U
  • Intel Core i3-5010U
  • Intel Core i3-5005U
  • Intel Pentium 3825U
  • Intel Pentium 3805U
  • Intel Celeron 3765U
  • Intel Celeron 3755U
  • Intel Celeron 3215U
  • Intel Celeron 3205U

Intel Braswell (2015)

  • Intel Pentium N3710
  • Intel Pentium N3700
  • Intel Celeron N3160
  • Intel Celeron N3150
  • Intel Celeron N3060
  • Intel Celeron N3050
  • Intel Celeron N3010
  • Intel Celeron N3000

Intel Broadwell-Y (2014)

  • Intel Core M-5Y71
  • Intel Core M-5Y70
  • Intel Core M-5Y51
  • Intel Core M-5Y31
  • Intel Core M-5Y10c
  • Intel Core M-5Y10a
  • Intel Core M-5Y10

Intel Haswell-H (2013)

  • Intel Core i7-4980HQ
  • Intel Core i7-4960HQ
  • Intel Core i7-4950HQ
  • Intel Core i7-4870HQ
  • Intel Core i7-4860HQ
  • Intel Core i7-4860EQ
  • Intel Core i7-4850HQ
  • Intel Core i7-4850EQ
  • Intel Core i7-4770HQ
  • Intel Core i7-4760HQ
  • Intel Core i7-4750HQ
  • Intel Core i7-4722HQ
  • Intel Core i7-4720HQ
  • Intel Core i7-4712HQ
  • Intel Core i7-4710HQ
  • Intel Core i7-4702HQ
  • Intel Core i7-4702EC
  • Intel Core i7-4701EQ
  • Intel Core i7-4700HQ
  • Intel Core i7-4700MQ
  • Intel Core i7-4700EQ
  • Intel Core i7-4700EC
  • Intel Core i5-4422E
  • Intel Core i5-4410E
  • Intel Core i5-4402E
  • Intel Core i5-4402EC
  • Intel Core i5-4400E
  • Intel Core i5-4210H
  • Intel Core i5-4200H
  • Intel Core i3-4112E
  • Intel Core i3-4110E
  • Intel Core i3-4102E
  • Intel Core i3-4100E

Intel Haswell-ULX (2013)

  • Intel Core i7-4610Y
  • Intel Core i5-4302Y
  • Intel Core i5-4300Y
  • Intel Core i5-4220Y
  • Intel Core i5-4210Y
  • Intel Core i5-4202Y
  • Intel Core i3-4030Y
  • Intel Core i3-4020Y
  • Intel Core i3-4012Y
  • Intel Core i3-4010Y
  • Intel Pentium 3561Y
  • Intel Pentium 3560Y
  • Intel Celeron 2002E
  • Intel Celeron 2000E

Intel Haswell-ULX (2013)

  • Intel Celeron 2961Y

Intel Haswell-ULT (2013)

  • Intel Core i7-4650U
  • Intel Core i7-4600U
  • Intel Core i7-4578U
  • Intel Core i7-4558U
  • Intel Core i7-4550U
  • Intel Core i7-4510U
  • Intel Core i7-4500U
  • Intel Core i5-4360U
  • Intel Core i5-4360U
  • Intel Core i5-4310U
  • Intel Core i5-4308U
  • Intel Core i5-4300U
  • Intel Core i5-4288U
  • Intel Core i5-4280U
  • Intel Core i5-4278U
  • Intel Core i5-4258U
  • Intel Core i5-4250U
  • Intel Core i5-4210U
  • Intel Core i5-4200U
  • Intel Core i3-4158U
  • Intel Core i3-4120U
  • Intel Core i3-4100U
  • Intel Core i3-4030U
  • Intel Core i3-4025U
  • Intel Core i3-4010U
  • Intel Core i3-4005U
  • Intel Pentium 3558U
  • Intel Pentium 3556U
  • Intel Celeron 2981U
  • Intel Celeron 2980U
  • Intel Celeron 2957U
  • Intel Celeron 2955U

Intel Haswell-MB (2013)

  • Intel Core i7-4940MX
  • Intel Core i7-4930MX
  • Intel Core i7-4910MQ
  • Intel Core i7-4900MQ
  • Intel Core i7-4810MQ
  • Intel Core i7-4800MQ
  • Intel Core i7-4712MQ
  • Intel Core i7-4710MQ
  • Intel Core i7-4702MQ
  • Intel Core i7-4610M
  • Intel Core i7-4600M
  • Intel Core i5-4340M
  • Intel Core i5-4330M
  • Intel Core i5-4310M
  • Intel Core i5-4300M
  • Intel Core i5-4210M
  • Intel Core i5-4200M
  • Intel Core i3-4110M
  • Intel Core i3-4100M
  • Intel Core i3-4010M
  • Intel Core i3-4000M
  • Intel Pentium 3560M
  • Intel Pentium 3550M
  • Intel Celeron 2970M
  • Intel Celeron 2950M

Intel Bay Trail-M (2013)

  • Intel Pentium N3540
  • Intel Pentium N3530
  • Intel Pentium N3520
  • Intel Pentium N3510
  • Intel Celeron N2940
  • Intel Celeron N2930
  • Intel Celeron N2920
  • Intel Celeron N2910
  • Intel Celeron N2840
  • Intel Celeron N2830
  • Intel Celeron N2820
  • Intel Celeron N2815
  • Intel Celeron N2810
  • Intel Celeron N2808
  • Intel Celeron N2807
  • Intel Celeron N2806
  • Intel Celeron N2805

Intel Gladden – Ivy Bridge (2013)

  • Intel Core i3-3115C

Intel Ivy Bridge (2012)

  • Intel Core i7-3940XM
  • Intel Core i7-3920XM
  • Intel Core i7-3840QM
  • Intel Core i7-3820QM
  • Intel Core i7-3740QM
  • Intel Core i7-3720QM
  • Intel Core i7-3689Y
  • Intel Core i7-3687U
  • Intel Core i7-3667U
  • Intel Core i7-3635QM
  • Intel Core i7-3632QM
  • Intel Core i7-3630QM
  • Intel Core i7-3615QM
  • Intel Core i7-3615QE
  • Intel Core i7-3612QM
  • Intel Core i7-3612QE
  • Intel Core i7-3610QM
  • Intel Core i7-3610QE
  • Intel Core i7-3537U
  • Intel Core i7-3517U
  • Intel Core i7-3517UE
  • Intel Core i7-3555LE
  • Intel Core i7-3540M
  • Intel Core i7-3520M
  • Intel Core i5-3439Y
  • Intel Core i5-3437U
  • Intel Core i5-3427U
  • Intel Core i5-3339Y
  • Intel Core i5-3380M
  • Intel Core i5-3360M
  • Intel Core i5-3340M
  • Intel Core i5-3237U
  • Intel Core i5-3320M
  • Intel Core i5-3230M
  • Intel Core i5-3217U
  • Intel Core i5-3210M
  • Intel Core i5-3210ME
  • Intel Core i3-3229Y
  • Intel Core i3-3227U
  • Intel Core i3-3217U
  • Intel Core i3-3217UE
  • Intel Core i3-3130M
  • Intel Core i3-3120M
  • Intel Core i3-3120ME
  • Intel Core i3-3110M
  • Intel Pentium 2129Y
  • Intel Pentium 2127U
  • Intel Pentium 2117U
  • Intel Pentium 2030M
  • Intel Pentium 2020M
  • Intel Pentium A1018
  • Intel Celeron 1047UE
  • Intel Celeron 1037U
  • Intel Celeron 1020M
  • Intel Celeron 1020E
  • Intel Celeron 1019Y
  • Intel Celeron 1017U
  • Intel Celeron 1005M
  • Intel Celeron 1007U
  • Intel Celeron 1000M
  • Intel Celeron 927UE

Intel Gladden – Sandy Bridge (2012)

  • Intel Core i3-2115C
  • Intel Celeron 725C

Intel Sandy Bridge (2011)

  • Intel Core i7-2960XM
  • Intel Core i7-2920XM
  • Intel Core i7-2860QM
  • Intel Core i7-2820QM
  • Intel Core i7-2760QM
  • Intel Core i7-2720QM
  • Intel Core i7-2715QE
  • Intel Core i7-2710QE
  • Intel Core i7-2675QM
  • Intel Core i7-2677M
  • Intel Core i7-2670QM
  • Intel Core i7-2657M
  • Intel Core i7-2655LE
  • Intel Core i7-2649M
  • Intel Core i7-2640M
  • Intel Core i7-2637M
  • Intel Core i7-2635QM
  • Intel Core i7-2630QM
  • Intel Core i7-2629M
  • Intel Core i7-2620M
  • Intel Core i7-2617M
  • Intel Core i7-2610E
  • Intel Core i5-2557M
  • Intel Core i5-2540M
  • Intel Core i5-2537M
  • Intel Core i5-2520M
  • Intel Core i5-2467M
  • Intel Core i5-2450M
  • Intel Core i5-2435M
  • Intel Core i5-2430M
  • Intel Core i5-2415M
  • Intel Core i5-2415E
  • Intel Core i5-2410M
  • Intel Core i5-2410E
  • Intel Core i3-2377M
  • Intel Core i3-2375M
  • Intel Core i3-2370M
  • Intel Core i3-2367M
  • Intel Core i3-2365M
  • Intel Core i3-2357M
  • Intel Core i3-2350M
  • Intel Core i3-2348M
  • Intel Core i3-2340UE
  • Intel Core i3-2332M
  • Intel Core i3-2330M
  • Intel Core i3-2330E
  • Intel Core i3-2328M
  • Intel Core i3-2312M
  • Intel Core i3-2310M
  • Intel Core i3-2310E
  • Intel Core i3-2308M
  • Intel Pentium 997
  • Intel Pentium 987
  • Intel Pentium B980
  • Intel Pentium 977
  • Intel Pentium B970
  • Intel Pentium 967
  • Intel Pentium B960
  • Intel Pentium 957
  • Intel Pentium B950
  • Intel Pentium B940
  • Intel Celeron 887
  • Intel Celeron 877
  • Intel Celeron 867
  • Intel Celeron 857
  • Intel Celeron 847
  • Intel Celeron B847E
  • Intel Celeron B840
  • Intel Celeron B830
  • Intel Celeron B827E
  • Intel Celeron B820
  • Intel Celeron B815
  • Intel Celeron B810
  • Intel Celeron B810E
  • Intel Celeron 807
  • Intel Celeron B807UE
  • Intel Celeron B800
  • Intel Celeron 797
  • Intel Celeron 787
  • Intel Celeron B730
  • Intel Celeron B720
  • Intel Celeron B710

Intel Arrandale (2010)

  • Intel Core i7-680UM
  • Intel Core i7-660LM
  • Intel Core i7-680UM
  • Intel Core i7-680UE
  • Intel Core i7-640M
  • Intel Core i7-640LM
  • Intel Core i7-640UM
  • Intel Core i7-620M
  • Intel Core i7-620LM
  • Intel Core i7-620LE
  • Intel Core i7-620UM
  • Intel Core i7-620UE
  • Intel Core i7-610E
  • Intel Core i5-580M
  • Intel Core i5-560M
  • Intel Core i5-560UM
  • Intel Core i5-540M
  • Intel Core i5-540UM
  • Intel Core i5-520M
  • Intel Core i5-520UM
  • Intel Core i5-520E
  • Intel Core i5-480M
  • Intel Core i5-470UM
  • Intel Core i5-460M
  • Intel Core i5-450M
  • Intel Core i5-430M
  • Intel Core i5-430UM
  • Intel Core i3-390M
  • Intel Core i3-380M
  • Intel Core i3-380UM
  • Intel Core i3-370M
  • Intel Core i3-350M
  • Intel Core i3-330M
  • Intel Core i3-330E
  • Intel Core i3-380UE
  • Intel Pentium P6300
  • Intel Pentium P6200
  • Intel Pentium P6100
  • Intel Pentium P6000
  • Intel Pentium U5600
  • Intel Pentium U5400
  • Intel Celeron P4600
  • Intel Celeron P4505
  • Intel Celeron P4500
  • Intel Celeron U3800
  • Intel Celeron U3405
  • Intel Celeron U3400

Intel Jasper Forest (2010)

  • Intel Celeron P1053

Intel Clarksfield (2009)

  • Intel Core i7-940XM
  • Intel Core i7-920XM
  • Intel Core i7-840QM
  • Intel Core i7-820QM
  • Intel Core i7-740QM
  • Intel Core i7-720QM

Intel Penryn-3M (2008-2011)

  • Intel Core 2 Duo SU9600
  • Intel Core 2 Duo SP9600
  • Intel Core 2 Duo SU9400
  • Intel Core 2 Duo SP9400
  • Intel Core 2 Duo SU9300
  • Intel Core 2 Duo SP9300
  • Intel Core 2 Duo SU7300
  • Intel Pentium T4500
  • Intel Pentium T4400
  • Intel Pentium T4300
  • Intel Pentium T4200
  • Intel Pentium SU4100
  • Intel Pentium SU2700
  • Intel Celeron T3500
  • Intel Celeron T3300
  • Intel Celeron T3100
  • Intel Celeron T3000
  • Intel Celeron SU2300
  • Intel Celeron 925
  • Intel Celeron 900
  • Intel Celeron ULV 763
  • Intel Celeron M ULV 743
  • Intel Celeron M ULV 723
  • Intel Celeron M ULV 722

Intel Penryn-L (2008-2009)

  • Intel Core 2 Solo SU3500
  • Intel Core 2 Solo SU3300

Intel Penryn (2008-2009)

  • Intel Core 2 Duo T9900
  • Intel Core 2 Duo T9800
  • Intel Core 2 Duo P9700
  • Intel Core 2 Duo P9600
  • Intel Core 2 Duo T9600
  • Intel Core 2 Duo SL9600
  • Intel Core 2 Duo T9550
  • Intel Core 2 Duo P9500
  • Intel Core 2 Duo T9500
  • Intel Core 2 Duo SL9400
  • Intel Core 2 Duo T9400
  • Intel Core 2 Duo SL9380
  • Intel Core 2 Duo SL9300
  • Intel Core 2 Duo T9300
  • Intel Core 2 Duo P8800
  • Intel Core 2 Duo P8700
  • Intel Core 2 Duo P8600
  • Intel Core 2 Duo E8435
  • Intel Core 2 Duo P8400
  • Intel Core 2 Duo E8335
  • Intel Core 2 Duo T8300
  • Intel Core 2 Duo E8235
  • Intel Core 2 Duo E8135
  • Intel Core 2 Duo T8100
  • Intel Core 2 Duo P7570
  • Intel Core 2 Duo P7550
  • Intel Core 2 Duo P7460
  • Intel Core 2 Duo P7450
  • Intel Core 2 Duo P7370
  • Intel Core 2 Duo P7350
  • Intel Core 2 Duo T6970
  • Intel Core 2 Duo T6900
  • Intel Core 2 Duo T6670
  • Intel Core 2 Duo T6600
  • Intel Core 2 Duo T6570
  • Intel Core 2 Duo T6500
  • Intel Core 2 Duo T6400

Intel Penryn QC-XE (2008)

  • Intel Core 2 Extreme QX9300

Intel Penryn QC (2008)

  • Intel Core 2 Quad Q9100
  • Intel Core 2 Quad Q9000

Intel Merom-2M (2007-2008)

  • Intel Core 2 Duo U7700
  • Intel Core 2 Duo U7600
  • Intel Core 2 Duo U7500
  • Intel Pentium Dual-Core T3400
  • Intel Pentium Dual-Core T3200
  • Intel Pentium Dual-Core T2410
  • Intel Pentium Dual-Core T2390
  • Intel Pentium Dual-Core T2370
  • Intel Pentium Dual-Core T2330
  • Intel Pentium Dual-Core T2310
  • Intel Celeron T1700
  • Intel Celeron T1600
  • Intel Celeron T1500
  • Intel Celeron T1400
  • Intel Celeron 585
  • Intel Celeron 575

Intel Merom-L (2007)

  • Intel Core 2 Solo ULV U2200
  • Intel Core 2 Solo ULV U2100
  • Intel Celeron ULV 573
  • Intel Celeron M ULV 523

Intel Merom (2007)

  • Intel Core 2 Duo T7800
  • Intel Core 2 Duo T7700
  • Intel Core 2 Duo SP7700
  • Intel Core 2 Duo L7700
  • Intel Core 2 Duo T7600G
  • Intel Core 2 Duo T7600
  • Intel Core 2 Duo SP7500
  • Intel Core 2 Duo T7500
  • Intel Core 2 Duo L7500
  • Intel Core 2 Duo T7400
  • Intel Core 2 Duo L7400
  • Intel Core 2 Duo T7300
  • Intel Core 2 Duo L7300
  • Intel Core 2 Duo T7250
  • Intel Core 2 Duo T7200
  • Intel Core 2 Duo L7200
  • Intel Core 2 Duo T7100
  • Intel Core 2 Duo SL7100
  • Intel Core 2 Duo T5900
  • Intel Core 2 Duo T5800
  • Intel Core 2 Duo T5750
  • Intel Core 2 Duo T5670
  • Intel Core 2 Duo T5600
  • Intel Core 2 Duo T5550
  • Intel Core 2 Duo T5500
  • Intel Core 2 Duo T5470
  • Intel Core 2 Duo T5450
  • Intel Core 2 Duo T5300
  • Intel Core 2 Duo T5270
  • Intel Core 2 Duo T5250
  • Intel Core 2 Duo T5200
  • Intel Celeron 570
  • Intel Celeron 560
  • Intel Celeron 550
  • Intel Celeron 540
  • Intel Celeron 530
  • Intel Celeron M 530
  • Intel Celeron M 520

Intel Merom-XE (2007)

  • Intel Core 2 Extreme X7900
  • Intel Core 2 Extreme X7800


 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


VIA Desktop CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These VIA CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

VIA Nano QuadCore (2011)

  • VIA Nano QuadCore L4800E
  • VIA Nano QuadCore L4700E
  • VIA Nano QuadCore L4650E

VIA Nano Dual Core (2011)

  • VIA Nano X2 E L4350E
  • VIA Nano X2 E L4350E

VIA Nano 3000 Series (2009)

  • VIA Nano L3600
  • VIA Nano L3050
  • VIA Nano L3025

VIA Nano 2000 Series (2008)

  • VIA Nano L2200
  • VIA Nano L2100

 

VIA Mobile CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These VIA CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

VIA Nano Dual Core (2011)

  • VIA Eden X2 U4200E
  • VIA Eden X2 U4100E

VIA Nano 3000 Series (2010)

  • VIA Nano U3500
  • VIA Nano U3400
  • VIA Nano U3300
  • VIA Nano U3200
  • VIA Nano U3100

VIA Nano 2000/1000 Series (2008)

  • VIA Nano U2500
  • VIA Nano U2300
  • VIA Nano U2250
  • VIA Nano U2225
  • VIA Nano U1700

 



The Complete AMD Spectre Mitigation Strategy Guide Rev. 2.0

Intel have been rushing out their Meltdown and Spectre patches (with some unfortunate side effects), but what about AMD? We present to you – The AMD Spectre Mitigation Strategy Guide!

Article Update History


Updated @ 2018-02-28 : Added a new page on the AMD Spectre 2 hardware mitigation options.

Originally posted @ 2018-02-01

 

Only Spectre

Now that the dust has settled, we know that AMD processors are completely invulnerable to Meltdown, but are vulnerable to both Spectre exploits. Therefore, AMD only needs to mitigate against the two Spectre exploits.

  • Variant 1 : Bounds Check Bypass (CVE-2017-5753)
  • Variant 2 : Branch Target Injection (CVE-2017-5715)

 

AMD Spectre Mitigation Overview

GPZ Variant 1 (Spectre 1)

In the Spectre 1 (GPZ Variant 1) exploit, malware can make use of the processor’s speculative execution capability to bypass the memory bounds check, thereby accessing memory that it does not have permission to access.

AMD is recommending software-only solutions for Spectre 1, which include operating system kernels, JIT (Just In Time) compilers, browsers and other user applications.

AMD recommends the V1-1 (lfence) software solution for the GPZ Variant 1 (Spectre 1) exploit.

GPZ Variant 2 (Spectre 2)

In the Spectre 2 (GPZ Variant 2) exploit, malware may trick the CPU branch predictor into mispredicting a branch, thereby speculatively executing code that would not otherwise be executed.

AMD offers both software-only, and software + hardware mitigations, for Spectre 2.

AMD recommends the V2-1 (retpoline) option for the GPZ Variant 2 (Spectre 2) exploit.

 

The AMD Spectre Mitigation Options

AMD has so far offered 11 Spectre mitigation options, divided into three categories :

 


 

AMD Spectre 1 + 2 Mitigation Options

AMD Spectre Mitigation G-1

Target : Spectre 1 and Spectre 2

Technique : Clear out untrusted data from registers (e.g. write 0) when entering more privileged modes, or sensitive code.

Effect : By removing untrusted data from registers, the CPU will not be able to speculatively execute operations using the values in those registers.

Applicability : All AMD processors.

Note : Instructions that cause the machine to temporarily stop inserting new instructions into the machine for execution and wait for execution of older instructions to finish are referred to as dispatch serializing instructions.

 

AMD Spectre Mitigation G-2

Target : Spectre 1 and Spectre 2

Technique : Set an MSR in the processor so that LFENCE is a dispatch serializing instruction and then use LFENCE in code streams to serialize dispatch (LFENCE is faster than RDTSCP which is also dispatch serializing). This mode of LFENCE may be enabled by setting MSR C001_1029[1]=1.

Effect : Upon encountering an LFENCE when the MSR bit is set, dispatch will stop until the LFENCE instruction becomes the oldest instruction in the machine.

Applicability : All AMD family 10h/12h/14h/15h/16h/17h processors support this MSR. LFENCE support is indicated by CPUID function 1 EDX bit 26, SSE2. AMD family 0Fh/11h processors support LFENCE as serializing always, but do not support this MSR. AMD plans support for this MSR and access to this bit for all future processors.

 

AMD Spectre Mitigation G-3

Target : Spectre 1 and Spectre 2

Technique : Enable Supervisor Mode Execution Protection (SMEP).

Effect : The processor will never speculatively fetch instruction bytes in supervisor mode if the RIP address points to a user page. This prevents the attacker from redirecting the kernel indirect branch to a target in user code.

Applicability : All AMD processors that support SMEP (Family 17h, Family 15h model >60h)

Note : The load-store unit is a key area for controlling speculation because information leakage comes from the residual nature of cache lines after a speculative fill.

 

AMD Spectre Mitigation G-4

Target : Spectre 1 and Spectre 2

Technique : Enable SMAP (Supervisor Mode Access Protection)

Effect : The processor will never initiate a fill if the translation has a SMAP violation (kernel accessing user memory). This can prevent the kernel from bringing in user data cache lines. With SMEP and SMAP enabled the attacker must find an indirect branch to attack in the area marked by SMAP that is allowed to access user marked memory.

Applicability : All AMD processors that support SMAP (family 17h and greater)


AMD Spectre 1 Mitigation Options

AMD Spectre Mitigation V1-1

Target : Spectre 1 only

Technique : With LFENCE serializing, use it to control speculation for bounds checking. For instance, consider the following code:

1:  cmp eax, [buffer_top]    ; compare eax (index) to upper bound

2:  ja out_of_bounds          ; if greater, index is too big

3:  mov ebx, [eax]              ; read buffer

In this code, the CPU can speculatively execute instruction 3 (mov) if it mispredicts the branch at 2 (ja). If this is undesirable, software should implement:

1:  cmp eax, [buffer_top]    ; compare eax (index) to upper bound

2:  ja out_of_bounds          ; if greater, index is too big

3:  lfence                             ; serializes dispatch until branch

4:  mov ebx, [eax]              ; read buffer

Effect : In the second code sequence, the processor cannot execute op 4 because dispatch is stalled until the branch target is known.

Applicability : All AMD processors.

 

AMD Spectre Mitigation V1-2

Target : Spectre 1 only

Technique : Create a data dependency on the outcome of a compare to avoid speculatively executing instructions in the false path of the branch. For instance, consider the following code:

1:  cmp eax, [buffer_top]    ; compare eax (index) to upper bound

2:  ja out_of_bounds          ; if greater, index is too big

3:  mov ebx, [eax]              ; read buffer

In this code, the CPU can speculatively execute instruction 3 (mov) if it mispredicts the branch at 2 (ja). If this is undesirable, software should implement:

1:  xor edx, edx

2:  cmp eax, [buffer_top]    ; compare eax (index) to upper bound

3:  ja out_of_bounds            ; if greater, index is too big

4:  cmova eax, edx              ; NEW: dummy conditional mov

5:  mov ebx, [eax]               ; read buffer

Effect : In the second code sequence, the processor cannot execute op 4 (cmova) because the flags are not available until after instruction 2 (cmp) finishes executing. Because op 4 cannot execute, op 5 (mov) cannot execute since no address is available.

Applicability : All AMD processors.

 

AMD Spectre Mitigation V1-3

Target : Spectre 1 only

Technique : Create a data dependency on the outcome of a compare to mask the array index to keep it within bounds. For instance, consider the following code:

1:  cmp eax, [buffer_top]    ; compare eax (index) to upper bound

2:  ja out_of_bounds            ; if greater, index is too big

3:  mov ebx, [eax]                ; read buffer

In this code, the CPU can speculatively execute instruction 3 (mov) if it mispredicts the branch at 2 (ja). If this is undesirable, software should implement:

1:  cmp eax, [buffer_top]    ; compare eax (index) to upper bound

2:  ja out_of_bounds           ; if greater, index is too big

3:  and eax, $MASK            ; NEW: Mask array index

4:  mov ebx, [eax]              ; read buffer

Effect : In the second code sequence, the processor will mask the array index before the memory load constraining the range of addresses that can be speculatively loaded. For performance it is best if $MASK is an immediate value.

Applicability : All AMD processors. This mitigation works best for arrays that are power-of-2 sizes but can be used in all cases to limit the range of addresses that can be loaded.
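V1-1 and V1-3 carried over to C, as an added example that is not code from the article or from AMD; it also generalises V1-3 to sizes that are not a power of two by using a branch-free mask. The names `table`, `TABLE_SIZE` and all function names are assumptions, and GCC/Clang inline assembly is assumed.

```c
/* Added example: Spectre 1 mitigations V1-1 (lfence) and V1-3 (index mask).
 * All identifiers here are illustrative assumptions, not AMD's code. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#if defined(__GNUC__) && (defined(__x86_64__) || defined(__i386__))
/* LFENCE: dispatch serializing on AMD once MSR C001_1029[1]=1 (option G-2). */
#define SPECULATION_BARRIER() __asm__ __volatile__("lfence" ::: "memory")
#else
/* Other targets: compiler barrier only, so the file still builds. */
#define SPECULATION_BARRIER() __asm__ __volatile__("" ::: "memory")
#endif

/* Makes a value opaque to the optimiser. Without it the compiler can prove
 * the mask is redundant after the bounds check and delete it. */
#define HIDE_FROM_OPTIMIZER(v) __asm__ __volatile__("" : "+r"(v))

#define TABLE_SIZE 16u /* constructed sample data; power of two for V1-3 */
static const uint8_t table[TABLE_SIZE] = {
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
};

/* Baseline from the article: compare, branch, load. */
int read_unprotected(size_t idx, uint8_t *out)
{
    if (idx >= TABLE_SIZE)
        return -1;
    *out = table[idx]; /* may execute speculatively on a mispredicted branch */
    return 0;
}

/* V1-1: stall dispatch after the bounds check, before the load. */
int read_lfence(size_t idx, uint8_t *out)
{
    if (idx >= TABLE_SIZE)
        return -1;
    SPECULATION_BARRIER();
    *out = table[idx];
    return 0;
}

/* V1-3: mask the index with an immediate so even a speculative load
 * stays inside the table. */
int read_masked(size_t idx, uint8_t *out)
{
    if (idx >= TABLE_SIZE)
        return -1;
    HIDE_FROM_OPTIMIZER(idx);
    idx &= TABLE_SIZE - 1u;
    *out = table[idx];
    return 0;
}

/* Generalisation: all-ones when idx < size, zero otherwise, with no branch.
 * Assumes 1 <= size <= SIZE_MAX/2, size_t and intptr_t of equal width, and
 * an arithmetic right shift for negative values (true for GCC and Clang). */
size_t index_mask(size_t idx, size_t size)
{
    const unsigned shift = (unsigned)(sizeof(intptr_t) * 8 - 1);
    intptr_t m = ~(intptr_t)(idx | (size - 1 - idx));
    HIDE_FROM_OPTIMIZER(m);
    return (size_t)(m >> shift);
}

/* Bounds-checked read for any buffer size: an out-of-range index is forced
 * to 0 on a mis-speculated path instead of reaching past the buffer. */
int read_bounded(const uint8_t *buf, size_t size, size_t idx, uint8_t *out)
{
    if (idx >= size)
        return -1;
    idx &= index_mask(idx, size);
    *out = buf[idx];
    return 0;
}

int main(void)
{
    uint8_t v = 0;
    int rc = read_lfence(3, &v);
    printf("lfence  idx=3   rc=%d value=0x%02x\n", rc, v);
    rc = read_masked(15, &v);
    printf("masked  idx=15  rc=%d value=0x%02x\n", rc, v);
    rc = read_bounded(table, 10, 10, &v);
    printf("bounded idx=10  rc=%d (size 10)\n", rc);
    return 0;
}
```

The architectural result of all four readers is identical; the difference is only in what the processor may do speculatively, so inspect the generated assembly to confirm the `lfence` or `and` survived optimisation.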

Note : In the case of RET instructions, RIP values are predicted using a special hardware structure that tracks CALL and RET instructions called the return stack buffer. Other indirect branches (JMP, CALL) are predicted using a branch target buffer (BTB) structure. While the mechanism and structure of this buffer varies significantly across AMD processors, branch predictions in these structures can be controlled with software changes to mitigate variant 2 attacks.


 

AMD Spectre 2 Mitigation Options

AMD Spectre Mitigation V2-1

Target : Spectre 2 only

Technique : Convert indirect branches into a “retpoline”. Retpoline sequences are a software construct which allows indirect branches to be isolated from speculative execution. It uses properties of the return stack buffer (RSB) to control speculation. The RSB can be filled with safe targets on entry to a privileged mode and is per thread for SMT processors. So change this:

1:  jmp *[eax]    ; jump to address pointed to by EAX

To this:

1:  call l5       ; keep return stack balanced

l2: pause         ; keep speculation to a minimum

3:  lfence

4:  jmp l2

l5: add rsp, 8    ; assumes 64 bit stack

6:  push [eax]    ; put true target on stack

7:  ret

And change this:

1:  call *[eax]

To this:

1:  jmp l9

l2: call l6       ; keep return stack balanced

l3: pause

4:  lfence        ; keep speculation to a minimum

5:  jmp l3

l6: add rsp, 8    ; assumes 64 bit stack

7:  push [eax]    ; put true target on stack

8:  ret

l9: call l2

Effect : This sequence controls the processor’s speculation to a safe known point. The performance impact is likely greater than V2-2 but more portable across the x86 architecture. Care needs to be taken for use outside of privileged mode where the RSB was not cleared on entry or the sequence can be interrupted. AMD processors do not put RET based predictions in BTB type structures.

Applicability : All AMD processors.

 

AMD Spectre Mitigation V2-2

Target : Spectre 2 only

Technique : Convert an indirect branch into a dispatch serializing instruction sequence where the load has finished before the branch is dispatched. For instance, change this code:

1:  jmp *[eax]    ; jump to address pointed to by EAX

To this:

1:  mov eax, [eax]    ; load target address

2:  lfence                  ; dispatch serializing instruction

3:  jmp *eax

Effect : The processor will stop dispatching instructions until all older instructions have returned their results and are capable of being retired by the processor. At this point the branch target will be in the general purpose register (eax in this example) and available at dispatch for execution such that the speculative execution window is not large enough to be exploited.

Applicability : All AMD processors. AMD plans that this sequence will continue to work on future processors until support for other architectural means to control indirect branches are introduced.

 

AMD Spectre Mitigation V2-3

Target : Spectre 2 only

Technique : Execute a series of CALL instructions upon entering more privileged code to fill up the return address predictor.

Effect : The processor will only predict RET targets to the RIP values in the return address predictor, thus preventing attacker controlled RIP values from being predicted.

Applicability : All AMD processors. The size of the return address predictor varies by processor, all current AMD processors have a return address predictor with 32 entries or less. Future processors that have more than 32 RSB entries are planned to be architected to not require software intervention.

 

AMD Spectre Mitigation V2-4

Target : Spectre 2 only

Technique : An architectural mechanism, Indirect Branch Control (IBC), is being added to the x86 ISA to help software control branch prediction of jmp near indirect and call near indirect instructions. It consists of 3 features: Indirect Branch Prediction Barrier (IBPB), Indirect Branch Restricted Speculation (IBRS) and Single Thread Indirect Branch Predictors (STIBP).

Effect : These features give software another mechanism through architectural MSRs to provide mitigation for different variant 2 exploits.

  • IBPB – Places a barrier such that indirect branch predictions from earlier execution cannot influence execution after the barrier.
  • IBRS – Restricts indirect branch speculation when set.
  • STIBP – Provides sibling thread protection on processors that require sibling indirect branch prediction protection.

Applicability : As a new feature, these mechanisms are available in only a limited number of current AMD processors and require a microcode patch. These 3 features are individually enumerated through CPUID, and not all processors support all features. These features also require software updates to write the MSR where appropriate.

Note : After a RIP value is predicted, the new RIP value is sent through a TLB and table walker pipeline before instruction bytes can be fetched and sent for execution.


AMD Spectre 2 Hardware Mitigation Options

On 7 February, AMD revealed three AMD64 mechanisms to mitigate against Spectre 2 (indirect branch target injection). They are designed to increase control of indirect branches, and are identified by CPUID bits.

| Feature | AMD Version (CPUID Function) | MSR Exist |
|---|---|---|
| Indirect Branch Prediction Barrier (IBPB) | 8000_0008 EBX[12]=1 | PRED_CMD (MSR 49) |
| Indirect Branch Restricted Speculation (IBRS) | 8000_0008 EBX[14]=1 | SPEC_CTRL (MSR 48) |
| Single Thread Indirect Branch Prediction (STIBP) | 8000_0008 EBX[15]=1 | SPEC_CTRL (MSR 48) |

 

AMD IBPB Hardware Mitigation

Target : Spectre 2 only

Technique : This is a write-only MSR (model-specific register) that, when written with a 0, prevents older indirect branches from influencing predictions of indirect branches in the future. This applies to jmp indirects, call indirects and returns.

As this feature prevents the processor from using all previous indirect branch information, it is meant to be used only when software switches from one user context to another that requires protection.

CPUID Function 8000_0008, EBX[16]=1 indicates an IBRS always on mode. The processor prefers that IBRS is only set once during boot and not changed.

If IBRS is set on a processor supporting IBRS always on mode, indirect branches executed in a less privileged prediction mode will not influence branch predictions for indirect branches in a more privileged prediction mode.

This also reduces the performance impact of the WRMSR (Write to Model Specific Register) on less privileged to more privileged entry point and the WRMSR on more privileged to less privileged exit points.

 

AMD IBRS Hardware Mitigation

Target : Spectre 2 only

Technique : Indirect Branch Restricted Speculation (IBRS) exists at MSR 0x48 (SPEC_CTRL) bit 0.

When this bit is set, indirect branches that occurred in a lesser prediction mode before it was set are kept from influencing the indirect branches that execute while IBRS is 1. A lesser prediction mode is CPL 3 vs CPL[2-0] and Guest vs Host mode.

If software clears IBRS, the older indirect branches that occurred when IBRS was 0 are allowed to influence the indirect branches.

It is also possible that while IBRS is 1, another write of 1 to IBRS bit 0 occurs. This starts a new window where older indirect branches should not influence future indirect branches.

Therefore if IBRS were set in a lesser privilege mode, on a transition to a more privileged mode the more privileged mode would have to set IBRS to 1 to indicate to hardware that it wants branches in the more privileged mode separated from those in the lesser privileged mode with IBRS set.

On processors with a shared indirect branch predictor, IBRS being set provides protection from being influenced by a sibling thread’s indirect branch predictions. For the ret type of indirect branch, software is responsible for clearing out the return stack buffer with 32 calls that have a non-zero target.

Processors that support more than 32 RSB (Return Stack Buffer) entries will be responsible for clearing the extra RSB entries. Clearing out the return stack buffer may be required on the transition from CPL3 to CPL0, even if the OS has SMEP enabled.

CPUID Function 8000_0008, EBX[18]=1 indicates that the processor prefers using the IBRS feature instead of other software mitigations such as retpoline. This allows software to remove the software mitigation and utilize the better performing IBRS mechanism.


 

AMD STIBP Hardware Mitigation

Target : Spectre 2 only

Technique : The Single Thread Indirect Branch Predictor (STIBP) exists at MSR 0x48 (SPEC_CTRL) bit 1.

When this bit is set in processors that share branch prediction information, indirect branch predictions from sibling threads cannot influence the predictions of other sibling threads. Return instructions are always immune to influence by the other thread and do not require this bit to be set for protection.

Any attempt to write SPEC_CTRL bits 63:2 results in a general protection fault (GP fault). If a processor only supports STIBP (bit 1), then for ease of software implementation, the processor does not GP fault on attempts to write bit 0. In a similar manner, if a processor only supports IBRS, attempts to set STIBP do not GP fault.

Neither SPEC_CTRL nor PRED_CMD is an architecturally serializing WRMSR. They are still execution serializing and prevent any execution of future instructions until they have completed.

CPUID Function 8000_0008, EBX[17]=1 indicates an STIBP always on mode. The processor prefers that STIBP is only set once during boot and not changed. This reduces the performance impact of the WRMSR (Write to Model Specific Register) at the necessary toggle points.
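The two CPUID hints and the SPEC_CTRL write rules from the IBRS and STIBP sections above, worked through in C as an added example (not code from AMD or from this article). The struct, the function names and the sample EBX values are constructed for illustration, and rewriting SPEC_CTRL on every privileged entry is an assumed reading of the text.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* CPUID Fn8000_0008 EBX hint bits quoted in the text above. */
#define EBX_STIBP_ALWAYS_ON (1u << 17)
#define EBX_IBRS_PREFERRED  (1u << 18)

/* MSR 0x48 (SPEC_CTRL): bit 0 = IBRS, bit 1 = STIBP, bits 63:2 reserved. */
#define MSR_SPEC_CTRL      0x48u
#define SPEC_CTRL_IBRS     (1ull << 0)
#define SPEC_CTRL_STIBP    (1ull << 1)
#define SPEC_CTRL_RESERVED (~(SPEC_CTRL_IBRS | SPEC_CTRL_STIBP))

/* Hypothetical plan: which SPEC_CTRL values get written, and when. */
struct spec_ctrl_plan {
    int      use_ibrs;        /* EBX[18]: IBRS preferred over retpoline */
    int      stibp_at_boot;   /* EBX[17]: set STIBP once, never toggle */
    uint64_t boot_value;      /* value written once at boot */
    int      write_on_entry;  /* rewrite on entry to a more privileged mode */
    uint64_t entry_value;     /* value used for that entry write */
};

struct spec_ctrl_plan plan_from_cpuid(uint32_t ebx)
{
    struct spec_ctrl_plan p = {0};

    p.use_ibrs      = (ebx & EBX_IBRS_PREFERRED) != 0;
    p.stibp_at_boot = (ebx & EBX_STIBP_ALWAYS_ON) != 0;

    if (p.stibp_at_boot)
        p.boot_value |= SPEC_CTRL_STIBP;

    if (p.use_ibrs) {
        /* Writing 1 to IBRS again starts a new window, so the more
         * privileged mode rewrites it on entry. WRMSR replaces the whole
         * register: carry STIBP along or the entry write would clear it. */
        p.write_on_entry = 1;
        p.entry_value = SPEC_CTRL_IBRS | p.boot_value;
    }
    return p;
}

/* Returns 1 if a WRMSR of `value` to SPEC_CTRL would raise a GP fault.
 * Per the text, a part that implements only one of the two bits still
 * accepts writes to the other; only bits 63:2 fault. */
int spec_ctrl_write_faults(uint64_t value, int has_ibrs, int has_stibp)
{
    if (!has_ibrs && !has_stibp)
        return 1; /* assumption: the MSR is not implemented at all */
    return (value & SPEC_CTRL_RESERVED) != 0;
}

int main(void)
{
    /* Constructed EBX samples, not read from real hardware. */
    const uint32_t samples[] = {
        0u,
        EBX_STIBP_ALWAYS_ON,
        EBX_IBRS_PREFERRED,
        EBX_STIBP_ALWAYS_ON | EBX_IBRS_PREFERRED,
    };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct spec_ctrl_plan p = plan_from_cpuid(samples[i]);
        printf("EBX=%#x: MSR %#x boot=%#llx entry_write=%d entry=%#llx "
               "retpoline=%s\n",
               (unsigned)samples[i], MSR_SPEC_CTRL,
               (unsigned long long)p.boot_value, p.write_on_entry,
               (unsigned long long)p.entry_value,
               p.use_ibrs ? "dropped" : "kept");
    }

    printf("write 0x4 faults: %d\n", spec_ctrl_write_faults(0x4, 1, 1));
    printf("write IBRS on STIBP-only part faults: %d\n",
           spec_ctrl_write_faults(SPEC_CTRL_IBRS, 0, 1));
    return 0;
}
```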


 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Sophos Intercept X with Predictive Protection Explained!

Sophos today announced the availability of Intercept X with malware detection powered by advanced deep learning neural networks. Join us for a briefing by Sumit Bansal, Sophos Managing Director for ASEAN and Korea!

 

Sophos Intercept X with Predictive Protection

Combined with new active-hacker mitigation, advanced application lockdown, and enhanced ransomware protection, this latest release of the Sophos Intercept X endpoint protection delivers previously unseen levels of detection and prevention.

Deep learning is the latest evolution of machine learning. It delivers a massively scalable detection model that is able to learn the entire observable threat landscape. With the ability to process hundreds of millions of samples, deep learning can make more accurate predictions at a faster rate with far fewer false-positives when compared to traditional machine learning.

This new version of Sophos Intercept X also includes innovations in anti-ransomware and exploit prevention, and active-hacker mitigations such as credential theft protection. As anti-malware has improved, attacks have increasingly focused on stealing credentials in order to move around systems and networks as a legitimate user, and Intercept X detects and prevents this behavior.

Deployed through the cloud-based management platform Sophos Central, Intercept X can be installed alongside existing endpoint security software from any vendor, immediately boosting endpoint protection. When used with the Sophos XG Firewall, Intercept X can introduce synchronized security capabilities to further enhance protection.

 

New Sophos Intercept X Features

Deep Learning Malware Detection

  • Deep learning model detects known and unknown malware and potentially unwanted applications (PUAs) before they execute, without relying on signatures
  • The model is less than 20 MB and requires infrequent updates

Active Adversary Mitigations

  • Credential theft protection – Preventing theft of authentication passwords and hash information from memory, registry, and persistent storage, as leveraged by such attacks as Mimikatz
  • Code cave utilization – Detects the presence of code deployed into another application, often used for persistence and antivirus avoidance
  • APC protection – Detects abuse of Application Procedure Calls (APC) often used as part of the AtomBombing code injection technique and more recently used as the method of spreading the WannaCry worm and NotPetya wiper via EternalBlue and DoublePulsar (adversaries abuse these calls to get another process to execute malicious code)

New and Enhanced Exploit Prevention Techniques

  • Malicious process migration – Detects remote reflective DLL injection used by adversaries to move between processes running on the system
  • Process privilege escalation – Prevents a low-privilege process from being escalated to a higher privilege, a tactic used to gain elevated system access

Enhanced Application Lockdown

  • Browser behavior lockdown – Intercept X prevents the malicious use of PowerShell from browsers as a basic behavior lockdown
  • HTA application lockdown – HTML applications loaded by the browser will have the lockdown mitigations applied as if they were a browser


Everything On The Meltdown + Spectre CPU Flaws! Rev. 3.0

The Meltdown and Spectre CPU flaws that the Google Project Zero team discovered are arguably the worst we have ever known. These vulnerabilities were built into BILLIONS of CPUs that we have been using for the last decade or so.

Not just Intel CPUs, but also CPUs made by AMD, Apple and ARM. Even those that power our smartphones and other smart devices!

Let’s take a look at what we know so far about Meltdown and Spectre, how they affect you, and what we can do about them.

This story is still developing. We will update the article as and when new details emerge. Be sure to check back and refresh the page for the latest information!

 

Article Update History


2018-02-17 : Updated the table of CPUs vulnerable to Meltdown and Spectre. Updated four sections with new information.

2018-02-05 : Added a table of CPUs vulnerable to Meltdown and Spectre. Updated three sections with new information.

2018-01-25 : Revamped the entire article. Added a new section on the difference between Meltdown and Spectre, and a new section on InSpectre. Updated the list of vulnerable processors, mitigation efforts by Microsoft and Apple, as well as the Intel spontaneous reboot issues with their Spectre 2 patches.

2018-01-16 : Updated the list of vulnerable processors, and added a new section on Intel CPUs spontaneously rebooting after applying Meltdown and Spectre patches. Also added cautionary advice on holding off these updates.

2018-01-12 : Updated the article with the AMD confirmation that their processors are vulnerable to both Spectre exploits. Also added details on the Google Retpoline mitigation technique against Spectre attacks.

2018-01-11 : Added new sections on the performance impact of the Meltdown and Spectre mitigation patches, and reports of those patches bricking some AMD PCs. Also expanded the list of affected CPUs, and corrected information on the Intel-SA-00086 Detection Tool.

Between 2018-01-09 and 2018-01-10 : Numerous updates including details of patches and affected CPUs.

Originally posted @ 2018-01-09

 

The Meltdown + Spectre Vulnerabilities

  • The Project Zero team identified these vulnerabilities in 2017, reporting them to Intel, AMD and ARM on 1 June 2017.
  • These vulnerabilities take advantage of the Speculative Execution and Branch Prediction features of modern processors, which have been used for many years to improve performance.
  • Speculative Execution lets the CPU predict and pre-execute the next instruction, allowing it to “instantly” deliver the results if it’s correct.
  • Branch Prediction helps the CPU predict future execution paths that should be speculatively-executed for better performance.
  • There are THREE (3) variants of the speculative execution CPU bug :
    • Variant 1 : Bounds Check Bypass (CVE-2017-5753)
    • Variant 2 : Branch Target Injection (CVE-2017-5715)
    • Variant 3 : Rogue Data Cache Load (CVE-2017-5754)
  • The Spectre attack (whitepaper) exploits variants 1 and 2.
  • The Meltdown attack (whitepaper) exploits variant 3.
  • There is a Variant 3a, which appears to affect only certain ARM processors.

 

What’s The Difference Between Meltdown & Spectre?

  • Spectre tricks the CPU branch predictor into predicting the wrong path, thereby speculatively executing code that would not otherwise be executed.
  • Meltdown takes advantage of the out-of-order execution capability of modern processors, tricking them into executing malicious code that would normally not be allowed.
  • The Spectre name is based on both the root cause – speculative execution, and the fact that it is not easy to fix, and will haunt us for a long time like a spectre (ghost).
  • The Meltdown name was chosen because the vulnerability “basically melts security boundaries which are normally enforced by the hardware“.

 

How Bad Are Meltdown & Spectre?

  • The Spectre exploits let an attacker access and copy information from the memory space used by other applications.
  • The Meltdown exploit lets an attacker copy the entire physical memory of the computer.
  • Unless patched, the affected processors are vulnerable to malware and cyberattacks that exploit this CPU bug to steal critical information from running apps (like login and credit card information, emails, photos, documents, etc.)
  • While the Meltdown exploit can be “fixed”, it is likely that the Spectre exploit cannot be fixed, only mitigated, without a redesign of the processors. That means we will have to live with the risks of a Spectre attack for many more years to come.

 

How Many Processors Are Affected? Updated!

For the complete list of affected AMD, Apple, ARM and Intel processors, please see this separate article – The Complete List Of CPUs Vulnerable To Meltdown / Spectre

| Company | Spectre 1 | Spectre 2 | Meltdown |
|---|---|---|---|
| AMD | 295 Server CPUs; 42 Workstation CPUs; 396 Desktop CPUs; 208 Mobile CPUs | 295 Server CPUs; 42 Workstation CPUs; 396 Desktop CPUs; 208 Mobile CPUs | None |
| Apple | 13 Mobile SoCs | 13 Mobile SoCs | 13 Mobile SoCs |
| ARM | 10 Mobile CPUs; 3 Server SoCs | 10 Mobile CPUs; 3 Server SoCs | 4 Mobile CPUs; 3 Server SoCs |
| IBM | 10 POWER CPUs | 10 POWER CPUs | 10 POWER CPUs |
| Intel | 732 Server / Workstation CPUs; 443 Desktop CPUs; 583 Mobile CPUs; 51 Mobile SoCs | 732 Server / Workstation CPUs; 443 Desktop CPUs; 583 Mobile CPUs; 51 Mobile SoCs | 732 Server / Workstation CPUs; 443 Desktop CPUs; 583 Mobile CPUs; 51 Mobile SoCs |
| Total | 2786 CPUs | 2786 CPUs | 1839 CPUs |


 

Intel Detection Tool?

The Intel-SA-00086 Detection Tool does NOT detect the processor’s susceptibility to these vulnerabilities. It only checks for different vulnerabilities affecting the Intel Management Engine.

 

InSpectre

Our reader Arthur shared that the Gibson Research Corporation has an aptly-named utility called InSpectre.

It checks for Meltdown and Spectre hardware and software vulnerabilities in a Windows system. It will help you check if your system is getting patched properly against these vulnerabilities.

 

What Is Being Done??? Updated!

Note : The terms “mitigate” and “mitigation” mean that the possibility of a successful attack is reduced, not eliminated.

  • Intel has started issuing software and firmware updates for the processors introduced in the last 5 years. By the middle of January 2018, Intel expects to have issued updates for more than 90% of those CPUs. However, that does not address the other Intel processors sold between 2010 and 2012.
  • Microsoft and Linux have started to roll out the KPTI (Kernel Page Table Isolation) patch, also known as the KAISER (Kernel Address Isolation to have Side-channels Efficiently Removed) patch.
  • The KPTI or KAISER patch, however, will only protect against the Meltdown exploit. It has no effect on a Spectre attack.
  • Microsoft Edge and Internet Explorer 11 received the KB4056890 security update on 3 January 2018, to prevent a Meltdown attack.
  • Firefox 57 includes changes to mitigate against both attacks.
  • Google Chrome 64 will be released on 23 January 2018, with mitigations against Meltdown and Spectre attacks.
  • For Mac systems, Apple introduced mitigations against Spectre in macOS 10.13.2 (released on 8 January 2018), with more fixes coming in macOS 10.13.3.
  • For iOS devices, Apple introduced mitigations against Meltdown in iOS 11.2 and tvOS 11.2.
  • On 8 January 2018, Apple released iOS 11.2.2, which mitigates the risk of the two Spectre exploits in Safari and WebKit, for iPhone 5s, iPad Air, and iPod touch 6th generation or later.
  • ARM has made available the KPTI / KAISER kernel patches for Linux, while Google will provide them for Android.
  • Google patched Android against both exploits with the December 2017 and January 2018 patches.
  • Google shared details of their Return Trampoline (Retpoline) binary modification technique that can be used to protect against Spectre attacks. It is a software construct that ensures that any associated speculative execution will “bounce” (as if on a trampoline) endlessly.
  • NVIDIA issued six driver and security updates for affected devices and software between 3-9 January 2018.
  • On 11 January 2018, AMD announced that the “majority of AMD systems” have received the mitigation patches against Spectre 1, albeit some older AMD systems got bricked by bad patches. They also announced that they will make “optional” microcode updates available for Ryzen and EPYC processors by the same week.
  • In the same 11 January 2018 disclosure, AMD also shared that Linux vendors have started to roll out OS patches for both Spectre exploits, and they’re working on the “return trampoline (Retpoline)” software mitigations as well.
  • On 23 January 2018, Apple released Meltdown patches for macOS Sierra and OS X El Capitan, but not macOS High Sierra.
  • On 23 January 2018, Microsoft finally revealed their Spectre and Meltdown patch schedule.
  • On 24 January 2018, AMD revealed their 11 software mitigations for both Spectre exploits.
  • The 24 January 2018 AMD whitepaper also revealed that the AMD K10 and K8 processors are vulnerable as well, adding an additional 663 CPU models to the list of vulnerable processors.
  • On 2 February 2018, Microsoft released KB4078130 to disable the Spectre 2 patches that were causing many Intel systems to randomly and spontaneously reboot.
  • On 8 February 2018, an Intel microcode update schedule revealed that their Penryn-based processors are also vulnerable, adding an additional 314 CPU models to the list of vulnerable processors.
  • On 14 February 2018, Intel revealed an expanded Bug Bounty Program, offering up to $250,000 in bounty awards.

 

Some AMD PCs Got Bricked

In the rush to mitigate against Meltdown and Spectre, Microsoft released Windows 10 patches that bricked some AMD PCs. They blamed the incorrect / incomplete documentation provided by AMD.

You can read more about this issue @ These Windows 10 Updates Are Bricking AMD PCs!

 

Buggy Intel Spectre 2 Patches Updated!

Intel’s rush to patch Meltdown and Spectre resulted in buggy microcode patches, causing several generations of their CPUs to randomly and spontaneously reboot.

So far, over 800 Intel CPU models have been identified to be affected by these spontaneous reboot issues. If you have one of the affected CPUs, please hold off BIOS / firmware updates!

Intel has identified the cause as the Spectre 2 patches in their microcode updates for some of these processors. They’re still investigating the cause of the other affected CPU models.

Fortunately for Windows users, Microsoft issued the KB4078130 emergency update to stop the reboots while Intel worked to fix the issue.

You can read more about this issue @ The Intel Spectre Reboot Issue, and the Microsoft solution @ KB4078130 : Emergency Windows Update To Disable Intel Spectre Patches!

 

What Should You Do? Updated!

First and foremost – DO NOT PANIC. There is no known threat or attack using these exploits.

Although we listed a number of important patches below, the buggy updates are worse than the potential threat they try to fix. So we advise HOLDING OFF these patches, and wait for properly-tested versions a few weeks down the line.

  • If you are using Windows, make sure you install the latest Microsoft Spectre and Meltdown updates.
  • If you are using a Mac system, get the latest Apple Spectre and Meltdown patches.
  • If you are using an iOS device, get updated to iOS 11.2 or tvOS 11.2.
  • If you are using Firefox, update to the latest Firefox 57.
  • If you are using Google Chrome, make sure you watch out for Chrome 64, which will be released on 23 January.
  • Download and install the latest software and firmware updates from your PC, laptop and motherboard brands. In particular, install the latest driver for the Intel Management Engine (Intel ME), the Intel Trusted Execution Engine (Intel TXE), and the Intel Server Platform Services (SPS).
  • If you are running an ARM processor on Linux, grab the kernel patches.
  • IBM POWER system users can download and install these firmware updates.
  • Users of affected NVIDIA systems can download and install these driver and firmware updates.
  • If you are using an Intel system, hold off updating your firmware, unless you have already verified that your CPU is not affected by the buggy Intel patches, or Intel has already issued corrected patches.

 

The Performance Impact Of The Mitigation Patches

Many benchmarks have been released, showing performance impacts of between 5% and 30%, depending on the type of benchmark and workload. Microsoft has called those benchmark results into question, stating that they did not cover both operating system and silicon microcode patches.

They released an initial report on their findings, which we have summarised in our article – Pre-2016 Intel CPUs Hit Worst By Meltdown + Spectre Fix.

 


Intel Bug Bounty Program : How You Can Earn $250,000 Hunting Bugs!

The Intel Bug Bounty Program was launched in March 2017, but after Meltdown and Spectre, Intel kicked it up a notch. Find out how you can earn up to $250,000 hunting bugs!

 

The New Intel Bug Bounty Program

The Intel Bug Bounty Program was created to incentivise security researchers to hunt for bugs in Intel’s products. However, it was an invitation-only program, which greatly limited the pool of eligible bug hunters.

On 14 February 2018, Rick Echevarria, the Vice President and General Manager of Platform Security at Intel, announced the expansion of the Intel Bug Bounty Program. Here are the changes :

  • The Intel Bug Bounty Program is no longer invitation-only. Anyone who meets the minimum requirements is eligible to participate.
  • Intel created a new bounty targeted specifically at side channel vulnerabilities (like Meltdown and Spectre). This bounty ends on 31 December 2018, and pays up to $250,000.
  • Intel also raised bounty awards across the board, with awards of up to $100,000 for other vulnerabilities.

 

The New Intel Bug Bounty Awards

| Vulnerability Severity | Intel Software | Intel Firmware | Intel Hardware |
|---|---|---|---|
| Critical (9.0 – 10.0) | Up to $10,000 | Up to $30,000 | Up to $100,000 |
| High (7.0 – 8.9) | Up to $5,000 | Up to $15,000 | Up to $30,000 |
| Medium (4.0 – 6.9) | Up to $1,500 | Up to $3,000 | Up to $5,000 |
| Low (0.1 – 3.9) | Up to $500 | Up to $1,000 | Up to $2,000 |

  • Intel will award a Bounty for the first report of a vulnerability with sufficient details to enable reproduction by Intel.
  • Intel will award a Bounty from $500 to $250,000 USD depending on the nature of the vulnerability and quality & content of the report.
  • The first external report received on an internally known vulnerability will receive a maximum of $1,500 USD Award.
  • The approved CVSS calculators which may be used for determining the baseline Severity of all reported vulnerabilities shall be either the NVD CVSSv3 calculator or the FIRST CVSSv3 calculator at Intel’s sole discretion.
  • Intel will publicly recognize security researchers on advisories and Bug Bounty collateral, at or after the time of public disclosure of the vulnerability, if & as agreed to by the researcher who reported the vulnerability.
  • Awards are limited to one (1) Bounty Award per eligible root-cause vulnerability. If that vulnerable component is present in other Intel products, a Bounty Award will be paid only for the first reported product instance. Intel, at its sole discretion, will decide whether the reported vulnerability is the first reported product instance of that root-cause vulnerability.

 

The Side Channel Vulnerability Bounty Awards

This is a time-limited bounty that ends on 31 December 2018, and is limited to bugs that are :

  • root-caused to Intel hardware
  • exploitable via software

| Vulnerability Severity | Intel Hardware w/ Side Channel Exploit through Software |
|---|---|
| Critical (9.0 – 10.0) | Up to $250,000 |
| High (7.0 – 8.9) | Up to $100,000 |
| Medium (4.0 – 6.9) | Up to $20,000 |
| Low (0.1 – 3.9) | Up to $5,000 |


The New Intel Bug Bounty Program Requirements

To qualify for the new Intel Bug Bounty Program, you must meet ALL of the following requirements.

  • You are reporting in an individual capacity or, if employed by another company, you have that company’s written approval to submit a report to Intel’s Bug Bounty program.
  • You are at least 18 years of age, and, if considered a minor in your place of residence, you have your parent’s or legal guardian’s permission prior to reporting.
  • You are not a resident of a US-embargoed country.
  • You are not on a US list of sanctioned individuals.
  • You are not currently nor have been an employee of Intel Corporation, or an Intel subsidiary, within 6 months prior to submitting a report.
  • You are not currently nor have been under contract to Intel Corporation, or an Intel subsidiary, within 6 months prior to submitting a report.
  • You are not a family nor household member of any individual who currently or within the past 6 months meets or met the criteria listed in the two bullet points directly above.
  • You agree to participate in testing mitigation effectiveness and coordinating disclosure / release / publication of your finding with Intel.

 

The New Intel Bug Report Requirements

For your Intel bug reports to be eligible for bounty award consideration, they must meet the following requirements :

  • Must be encrypted with the Intel PSIRT public PGP key.
  • Must pertain to an item explicitly listed below as “Eligible Intel products and technologies”.
  • Must identify an original and previously unreported & not publicly disclosed vulnerability.
  • Must have been tested against most recent publicly available version of the affected product or technology.
  • Must include clear documentation on the vulnerability and instructions on how to reproduce the vulnerability.
  • Must include your assessed CVSS v3 vector string, score, and rating using one of the approved CVSS v3 calculators referenced below.

The following are vulnerabilities that will not qualify for bounty awards :

  • Vulnerabilities in pre-release versions (e.g., Beta, Release Candidate).
  • Vulnerabilities in versions no longer under active support.
  • Vulnerabilities already known to Intel.
  • Vulnerabilities present in any component of an Intel product where the root-cause vulnerability in the component has already been identified for another Intel product.
  • Vulnerabilities considered out of scope as defined below.

 

Eligible Intel Products & Technologies

Intel Hardware

  • Processor (inclusive of micro-code ROM + updates)
  • Chipset
  • FPGA
  • Networking / Communication
  • Motherboard / System (e.g., Intel Compute Stick, NUC)
  • Solid State Drives

Intel Firmware

  • UEFI BIOS (Tiano core components for which Intel is the only named maintainer)
  • Intel Management Engine
  • Baseboard Management Controller (BMC)
  • Motherboard / System (e.g., Intel Compute Stick)
  • Solid State Drives

Intel Software

  • Device driver
  • Application
  • Tool

 


Confirmed : Intel Penryn CPUs Also Vulnerable To Meltdown + Spectre

Intel has always maintained that Meltdown and Spectre only affected their processors from Nehalem onwards. Every list they released publicly has backed that up. However, we can now confirm that even the Intel Penryn CPUs are also vulnerable to Meltdown and Spectre.

 

Intel Penryn CPUs Also Vulnerable To Meltdown + Spectre

Every list Intel ever released on Meltdown and Spectre has only listed their CPUs from the Nehalem microarchitecture onwards. Although it was possible that the Intel Penryn microarchitecture was also affected, Intel conspicuously left them out of every list.

On 8 February 2018, Intel released a schedule of microcode updates meant to fix the random and spontaneous reboot problems they had with their Spectre 2 patches. Hidden in that schedule is the acknowledgement that the Intel Penryn microarchitecture was also vulnerable.

Those who have been tracking the Intel microcode updates will note that the Intel Penryn processors were not mentioned in the last update on 24 January 2018.

 

What Are The Intel Penryn CPUs Vulnerable To Meltdown + Spectre?

 


 

Intel Penryn Server CPUs Vulnerable To Meltdown + Spectre

Intel Yorkfield (2008-2009)

  • Intel Xeon X3380
  • Intel Xeon L3380
  • Intel Xeon X3370
  • Intel Xeon X3360
  • Intel Xeon X3350

Intel Wolfdale (2008-2009)

  • Intel Xeon E3120
  • Intel Xeon E3110
  • Intel Xeon L3110

Intel Dunnington (2008)

  • Intel Xeon X7460
  • Intel Xeon E7458
  • Intel Xeon L7455
  • Intel Xeon E7450
  • Intel Xeon L7445
  • Intel Xeon E7440
  • Intel Xeon E7430
  • Intel Xeon E7420

Intel Yorkfield-6M (2008)

  • Intel Xeon X3330
  • Intel Xeon X3320

Intel Yorkfield-CL (2008)

  • Intel Xeon X3363
  • Intel Xeon X3353
  • Intel Xeon X3323
  • Intel Xeon X3113
  • Intel Xeon L3014

Intel Harpertown (2007-2008)

  • Intel Xeon X5492
  • Intel Xeon X5482
  • Intel Xeon X5472
  • Intel Xeon E5472
  • Intel Xeon E5462
  • Intel Xeon X5470
  • Intel Xeon X5460
  • Intel Xeon X5450
  • Intel Xeon E5450
  • Intel Xeon E5440
  • Intel Xeon E5430
  • Intel Xeon L5430
  • Intel Xeon E5420
  • Intel Xeon L5420
  • Intel Xeon E5410
  • Intel Xeon L5410
  • Intel Xeon L5408
  • Intel Xeon E5405

Intel Wolfdale-DP (2007-2008)

  • Intel Xeon X5272
  • Intel Xeon X5270
  • Intel Xeon X5260
  • Intel Xeon L5248
  • Intel Xeon X5240
  • Intel Xeon L5240
  • Intel Xeon L5238
  • Intel Xeon X5220
  • Intel Xeon L5215
  • Intel Xeon X5205

Intel Tigerton (2007)

  • Intel Xeon X7350
  • Intel Xeon L7345
  • Intel Xeon E7340
  • Intel Xeon E7330
  • Intel Xeon E7320
  • Intel Xeon E7310
  • Intel Xeon E7220
  • Intel Xeon E7210

Intel Kentsfield (2007)

  • Intel Xeon X3230
  • Intel Xeon X3220
  • Intel Xeon X3210

Intel Allendale (2007)

  • Intel Xeon 3050
  • Intel Xeon 3040

Intel Clovertown (2006-2007)

  • Intel Xeon X5365
  • Intel Xeon X5355
  • Intel Xeon X5350
  • Intel Xeon E5350
  • Intel Xeon E5345
  • Intel Xeon E5340
  • Intel Xeon E5335
  • Intel Xeon L5335
  • Intel Xeon E5330
  • Intel Xeon E5320
  • Intel Xeon L5320
  • Intel Xeon L5318
  • Intel Xeon E5310
  • Intel Xeon L5310

Intel Conroe (2006-2007)

  • Intel Xeon 3085
  • Intel Xeon 3075
  • Intel Xeon 3070
  • Intel Xeon 3065
  • Intel Xeon 3060
  • Intel Xeon 3050
  • Intel Xeon 3040

Intel Woodcrest (2006)

  • Intel Xeon 5160
  • Intel Xeon 5150
  • Intel Xeon LV 5148
  • Intel Xeon 5140
  • Intel Xeon LV 5138
  • Intel Xeon LV 5133
  • Intel Xeon 5130
  • Intel Xeon LV 5128
  • Intel Xeon 5120
  • Intel Xeon LV 5113
  • Intel Xeon 5110


Intel Penryn Desktop CPUs Vulnerable To Meltdown + Spectre

Intel Yorkfield-6M (2008-2010)

  • Intel Core 2 Quad Q9705
  • Intel Core 2 Quad Q9700
  • Intel Core 2 Quad Q9505S
  • Intel Core 2 Quad Q9505
  • Intel Core 2 Quad Q9500
  • Intel Core 2 Quad Q9400S
  • Intel Core 2 Quad Q9400
  • Intel Core 2 Quad Q9300
  • Intel Core 2 Quad Q8400S
  • Intel Core 2 Quad Q8400
  • Intel Core 2 Quad Q8300
  • Intel Core 2 Quad Q8200S
  • Intel Core 2 Quad Q8200

Intel Yorkfield (2008-2009)

  • Intel Core 2 Quad Q9650
  • Intel Core 2 Quad Q9550S
  • Intel Core 2 Quad Q9550
  • Intel Core 2 Quad Q9450S
  • Intel Core 2 Quad Q9450

Intel Wolfdale (2008-2009)

  • Intel Core 2 Duo E8700
  • Intel Core 2 Duo E8600
  • Intel Core 2 Duo E8500
  • Intel Core 2 Duo E8400
  • Intel Core 2 Duo E8300
  • Intel Core 2 Duo E8290
  • Intel Core 2 Duo E8200
  • Intel Core 2 Duo E8190

Intel Wolfdale-3M (2008-2010)

  • Intel Core 2 Duo E7600
  • Intel Core 2 Duo E7500
  • Intel Core 2 Duo E7400
  • Intel Core 2 Duo E7300
  • Intel Core 2 Duo E7200
  • Intel Pentium E6800
  • Intel Pentium E6700
  • Intel Pentium E6600
  • Intel Pentium E6500K
  • Intel Pentium E6500
  • Intel Pentium E6300
  • Intel Pentium E5800
  • Intel Pentium E5700
  • Intel Pentium E5500
  • Intel Pentium E5400
  • Intel Pentium E5300
  • Intel Pentium Dual-Core E5300
  • Intel Pentium E5200
  • Intel Pentium Dual-Core E5200
  • Intel Pentium Dual-Core E2210
  • Intel Celeron E3500
  • Intel Celeron E3400
  • Intel Celeron E3300
  • Intel Celeron E3200

Intel Allendale (2008-2009)

  • Intel Celeron E1600
  • Intel Celeron E1500
  • Intel Celeron E1400
  • Intel Celeron E1200

Intel Yorkfield-XE (2007-2008)

  • Intel Core 2 Extreme QX9775
  • Intel Core 2 Extreme QX9770
  • Intel Core 2 Extreme QX9650

Intel Conroe-L (2007-2008)

  • Intel Celeron 450
  • Intel Celeron 445
  • Intel Celeron 430
  • Intel Celeron 420
  • Intel Celeron 220

Intel Kentsfield (2007)

  • Intel Core 2 Quad Q6700
  • Intel Core 2 Quad Q6600
  • Intel Core 2 Quad Q6400

Intel Conroe-CL (2007)

  • Intel Core 2 Duo E6405
  • Intel Core 2 Duo E6305
  • Intel Celeron 445

Intel Conroe (2006-2008)

  • Intel Core 2 Duo E6850
  • Intel Core 2 Duo E6750
  • Intel Core 2 Duo E6700
  • Intel Core 2 Duo E6600
  • Intel Core 2 Duo E6550
  • Intel Core 2 Duo E6540
  • Intel Core 2 Duo E6420
  • Intel Core 2 Duo E6400
  • Intel Core 2 Duo E6320
  • Intel Core 2 Duo E6300
  • Intel Core 2 Duo E4700
  • Intel Core 2 Duo E4600
  • Intel Core 2 Duo E4500
  • Intel Core 2 Duo E4400
  • Intel Core 2 Duo E4300
  • Intel Pentium Dual-Core E2220
  • Intel Pentium Dual-Core E2200
  • Intel Pentium Dual-Core E2180
  • Intel Pentium Dual-Core E2160
  • Intel Pentium Dual-Core E2140

Intel Kentsfield-XE (2006-2007)

  • Intel Core 2 Extreme QX6850
  • Intel Core 2 Extreme QX6800
  • Intel Core 2 Extreme QX6700
 

Intel Penryn Mobile CPUs Vulnerable To Meltdown + Spectre

Intel Penryn-3M (2008-2011)

  • Intel Core 2 Duo SU9600
  • Intel Core 2 Duo SP9600
  • Intel Core 2 Duo SU9400
  • Intel Core 2 Duo SP9400
  • Intel Core 2 Duo SU9300
  • Intel Core 2 Duo SP9300
  • Intel Core 2 Duo SU7300
  • Intel Pentium T4500
  • Intel Pentium T4400
  • Intel Pentium T4300
  • Intel Pentium T4200
  • Intel Pentium SU4100
  • Intel Pentium SU2700
  • Intel Celeron T3500
  • Intel Celeron T3300
  • Intel Celeron T3100
  • Intel Celeron T3000
  • Intel Celeron SU2300
  • Intel Celeron 925
  • Intel Celeron 900
  • Intel Celeron ULV 763
  • Intel Celeron M ULV 743
  • Intel Celeron M ULV 723
  • Intel Celeron M ULV 722

Intel Penryn-L (2008-2009)

  • Intel Core 2 Solo SU3500
  • Intel Core 2 Solo SU3300

Intel Penryn (2008-2009)

  • Intel Core 2 Duo T9900
  • Intel Core 2 Duo T9800
  • Intel Core 2 Duo P9700
  • Intel Core 2 Duo P9600
  • Intel Core 2 Duo T9600
  • Intel Core 2 Duo SL9600
  • Intel Core 2 Duo T9550
  • Intel Core 2 Duo P9500
  • Intel Core 2 Duo T9500
  • Intel Core 2 Duo SL9400
  • Intel Core 2 Duo T9400
  • Intel Core 2 Duo SL9380
  • Intel Core 2 Duo SL9300
  • Intel Core 2 Duo T9300
  • Intel Core 2 Duo P8800
  • Intel Core 2 Duo P8700
  • Intel Core 2 Duo P8600
  • Intel Core 2 Duo E8435
  • Intel Core 2 Duo P8400
  • Intel Core 2 Duo E8335
  • Intel Core 2 Duo T8300
  • Intel Core 2 Duo E8235
  • Intel Core 2 Duo E8135
  • Intel Core 2 Duo T8100
  • Intel Core 2 Duo P7570
  • Intel Core 2 Duo P7550
  • Intel Core 2 Duo P7460
  • Intel Core 2 Duo P7450
  • Intel Core 2 Duo P7370
  • Intel Core 2 Duo P7350
  • Intel Core 2 Duo T6970
  • Intel Core 2 Duo T6900
  • Intel Core 2 Duo T6670
  • Intel Core 2 Duo T6600
  • Intel Core 2 Duo T6570
  • Intel Core 2 Duo T6500
  • Intel Core 2 Duo T6400

Intel Penryn QC-XE (2008)

  • Intel Core 2 Extreme QX9300

Intel Penryn QC (2008)

  • Intel Core 2 Quad Q9100
  • Intel Core 2 Quad Q9000

Intel Merom-2M (2007-2008)

  • Intel Core 2 Duo U7700
  • Intel Core 2 Duo U7600
  • Intel Core 2 Duo U7500
  • Intel Pentium Dual-Core T3400
  • Intel Pentium Dual-Core T3200
  • Intel Pentium Dual-Core T2410
  • Intel Pentium Dual-Core T2390
  • Intel Pentium Dual-Core T2370
  • Intel Pentium Dual-Core T2330
  • Intel Pentium Dual-Core T2310
  • Intel Celeron T1700
  • Intel Celeron T1600
  • Intel Celeron T1500
  • Intel Celeron T1400
  • Intel Celeron 585
  • Intel Celeron 575

Intel Merom-L (2007)

  • Intel Core 2 Solo ULV U2200
  • Intel Core 2 Solo ULV U2100
  • Intel Celeron ULV 573
  • Intel Celeron M ULV 523

Intel Merom (2007)

  • Intel Core 2 Duo T7800
  • Intel Core 2 Duo T7700
  • Intel Core 2 Duo SP7700
  • Intel Core 2 Duo L7700
  • Intel Core 2 Duo T7600G
  • Intel Core 2 Duo T7600
  • Intel Core 2 Duo SP7500
  • Intel Core 2 Duo T7500
  • Intel Core 2 Duo L7500
  • Intel Core 2 Duo T7400
  • Intel Core 2 Duo L7400
  • Intel Core 2 Duo T7300
  • Intel Core 2 Duo L7300
  • Intel Core 2 Duo T7250
  • Intel Core 2 Duo T7200
  • Intel Core 2 Duo L7200
  • Intel Core 2 Duo T7100
  • Intel Core 2 Duo SL7100
  • Intel Core 2 Duo T5900
  • Intel Core 2 Duo T5800
  • Intel Core 2 Duo T5750
  • Intel Core 2 Duo T5670
  • Intel Core 2 Duo T5600
  • Intel Core 2 Duo T5550
  • Intel Core 2 Duo T5500
  • Intel Core 2 Duo T5470
  • Intel Core 2 Duo T5450
  • Intel Core 2 Duo T5300
  • Intel Core 2 Duo T5270
  • Intel Core 2 Duo T5250
  • Intel Core 2 Duo T5200
  • Intel Celeron 570
  • Intel Celeron 560
  • Intel Celeron 550
  • Intel Celeron 540
  • Intel Celeron 530
  • Intel Celeron M 530
  • Intel Celeron M 520

Intel Merom-XE (2007)

  • Intel Core 2 Extreme X7900
  • Intel Core 2 Extreme X7800

 


 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Lunar New Year Online Shopping Tips From Kaspersky

Every festive season turns into a shopping frenzy, and the action has moved increasingly online. With the convenience of online payment and in-app purchases, with delivery to your door, comes the very real risk of cybercrime, with you as the target. So here are some online shopping tips from Kaspersky!

Everyone loves a great deal during the Lunar New Year, and throughout the year. For cyber criminals, your frenzied shopping to get all the items you need delivered before the festivities begin is a prime opportunity. This is because in the euphoria and adrenaline rush of shopping, you will be more likely to make basic mistakes that can expose your personal data.

General Manager for Kaspersky Lab Southeast Asia, Sylvia Ng explained that the brand understands festive season shopping is a priority for consumers but reminds that it is also a prime opportunity for cyber criminals.

“Get your shopping done safely. Sipping on an espresso at a local coffee house and doing your Internet shopping does seem convenient. However, you open yourself up to criminal activity by doing so. Public Wi-Fi networks are often less secure than private ones, and you risk the possibility of logging onto a phantom network instead of the real one, opening you up to potential identity theft.”

Everyone needs to be wary of public Wi-Fi when using smartphones and tablets. If you have to do your shopping on any Wi-Fi network, you first need to ensure that it is secure and a network you can trust. Cyber criminals know consumers are more likely to visit sites with login accounts or financial information during busy shopping times.

They can easily monitor all the information sent across public Wi-Fi networks, which can include your bank account or credit card number. Is that deal really so attractive that you are willing to put your online identity and finances at risk? Probably not.

Lunar New Year Online Shopping Tips

This year, don’t let your last minute shopping frenzy lead you down a path of bad security decisions. Here are some common mistakes, and how you can avoid them.

  • Check that you are using the authentic website of your bank or payment system – this should be obvious, but it is a common mistake that can be very costly!
  • Pay attention to the https prefix, which indicates an encrypted connection – makes a world of difference.
  • Check the spelling of the website – a misspelled address is an obvious sign of a fake phishing page.
  • Use virtual keyboards to protect your password from being intercepted by key loggers.

Also, consider the following when shopping online:

Avoid ransomware — don’t open email attachments from unknown shopping sites, and always back up your files.

Be aware of phishing links — don’t click on unexpected links sent via email, SMS, or messengers.

Create strong passwords — combine letters, numbers and special characters to make them harder to hack.

Shop at safe sites — browse reviews before trusting online shopping sites with your credit card info.

Avoid shopping on public Wi-Fi — criminals love to snoop for your credentials in unsecured wireless networks.

Turn off Bluetooth, connect via cellular — these simple steps will make your smartphone connection much more secure.

Deny suspicious freeware — these ‘gifts’ might include adware or something even worse.

Avoid forged shipping confirmation emails — it could be a phishers’ bait for a quick click.

“These tips that we share are culled from real-life experiences of people. So, before you click on any deal, make sure that you are going to trusted sites. If you find a deal that seems too good to be true, it probably is,” added Sylvia Ng.


Dimension Data Adopts Cisco Umbrella In Cybersecurity Strategy

7 February 2018 – Dimension Data today announced that it has extended the company’s protection from ransomware, phishing attacks, bot networks, and all types of malicious software, with Cisco Umbrella, the industry’s first Secure Internet Gateway (SIG) in the cloud.

The decision to incorporate Cisco Umbrella follows the company’s firsthand experience protecting its own 28,000 employees and addresses its clients’ requirement to support an increasingly mobile workforce.

 

Dimension Data Adopts Cisco Umbrella In Cybersecurity Strategy

Cisco Umbrella is a cloud security platform that provides the first line of defense against threats on the internet.

“In today’s expanding threat landscape, it is critical to have powerful security tools that effectively support mobility and cloud. With Cisco® Umbrella, we are able to proactively stop threats on any mobile device before they happen with a secure solution that is easily integrated with existing infrastructure,” said Chris Panzeca, Senior Director, Global Strategic Partner Sales, Cisco.

“Today, the average user utilises four devices per day, and this is predicted to increase to five connected devices in the next four years,” said Darren O’Loughlin, Dimension Data’s Group Chief Security Officer. “As more enterprises look to harness the benefits of a mobile workforce that leverages cloud platforms, there’s a greater need to implement appropriate measures to secure data, infrastructures, applications and users, regardless of where they connect to the internet, and even if they’re off the VPN. That’s why we adopted Cisco Umbrella into our own cybersecurity strategy.”

According to the NTT 2017 Global Threat Intelligence Report, attacks targeting end users are one of the top cybersecurity threats on the rise. In line with this trend, security has become the top focus at the highest level. Now, more than ever, security leaders are being forced to demonstrate a return on investment of their security investments. This includes the business value realised through continuous cyber protection, detection, and response measures.

In 2016, Dimension Data published its Securing Workspaces for Tomorrow white paper which explored the topic of how employees across the globe are already demanding a more mobile workplace with the flexibility to work from anywhere, any time, on any device to become more productive and achieve a better work-life balance.

“However,” said Matthew Gyde, Group Executive – Security, Dimension Data, “while the mobile endpoint is a potential game changer for businesses, it exposes mobile workers to security risks and vulnerabilities. Mobile users may not have the same level of security as within the office perimeter, and are more vulnerable to cyberattacks. With Cisco Umbrella, threats beyond the network perimeter can be blocked.”


Safer Internet Day : Google’s Tips To Stay Safe Online!

To celebrate Safer Internet Day, Google shared these tips on how to stay safe online! Don’t forget to share this with your family and friends!

We know that keeping your information safe and private is important to you, which is why we’ve baked security features into all our products. We’ve also developed technologies to help keep the broader internet safe, too.

Whether you’re using Gmail, Android, YouTube, or are simply browsing the web, here are some of the tools and features that you can be confident will help you keep safe:

 

Safer Internet Tip #1 : Personalize your account security

The Security Checkup provides a clear security status and personalized recommendations to strengthen your account security. A green check mark means you’re good to go, and a yellow or red exclamation point means there’s at least one issue for you to take care of.

Safer Internet Tip #2 : Look out for automatic warnings

Spotting phishing scams or dangerous websites can be a challenge, even for savvy web users. Our automated systems detect and warn you about sites with malware, or attempts to phish you. Just keep an eye out for our warnings and follow the instructions—we’ve got you covered.

Safer Internet Tip #3 : Protect your Google account with two-factor authentication

Secure your email inbox by activating 2-step verification. With this feature, you’ll need a password and a verification code that’s sent to your mobile phone to be able to get into your inbox. Enroll in 2-step verification here to add an extra layer of security to your account.

Safer Internet Tip #4 : Download apps on Google Play for peace of mind on your Android

If you’re an Android user, the safest place to download apps is from the Google Play store. Google Play Protect checks apps and your device around the clock to keep out malicious programs and makes sure you have the latest in mobile security protection.

In 2017 alone, we took down more than 700,000 apps that violated Google Play policies, 70% more than the apps taken down in 2016. Google Play Protect is the ideal security blanket for your mobile device, so you can consider yourself and your data covered.

Google Play Protect is also there to help you if you ever misplace your phone. Visit android.com/find to locate, ring, lock and erase your Android devices—phones, tablets, and even watches.

Safer Internet Tip #5 : You too can help keep YouTube safe

YouTube has always allowed people like you and me to report content we think is inappropriate. Once you’ve flagged a video, it’s submitted for review to YouTube staff who then carefully look at the content to determine whether there’s a violation of YouTube’s Community Guidelines to see if it should be removed. You can also flag individual comments under any video for abuse or spam.



FREE Acronis Ransomware Protection For All!

The world is under siege by ransomware attacks. Ransomware doesn’t just put our personal data at risk; it is a serious threat to critical services and even national security. Therefore, we are elated to learn about the new Acronis Ransomware Protection – a free, standalone app that will protect us against ransomware.

 

The Ransomware Threat

Ransomware remains a silent destroyer of data for users worldwide. New strains of ransomware can easily bypass traditional anti-virus software to encrypt user data.

According to a ransomware survey conducted by Acronis earlier this month, 57.5% of the respondents still don’t know that ransomware can wipe their files and disable their computer. Only 9.2% of the respondents heard about the WannaCry or NotPetya attacks last year, and 37.4% report that they don’t know how to protect their data or choose to do nothing.

These findings demonstrate a need for an easy, universal ransomware protection solution, and 55.5% of the survey respondents said that they would use one if it was free.

 

Acronis Ransomware Protection

Acronis Ransomware Protection is designed to stop ransomware attacks in real-time, and help users recover their data without paying any ransom. It is compatible with all popular backup and anti-virus programs, and provides an additional level of defense.

In the event of a ransomware attack, Acronis Ransomware Protection blocks the malicious process and notifies the user with a popup. If any files were damaged in the attack, it facilitates the instant recovery of those affected files.

Acronis Ransomware Protection also comes with a cloud backup capability, allowing users to protect important files not only from ransomware, but also from hardware failure, natural disasters and other causes of data loss. Every user receives 5 GB of free Acronis Cloud storage.

Easy to install, Acronis Ransomware Protection is essentially a “set it and forget it” protection solution. The lightweight program (only 20 MB in size) requires limited system resources, which means it can run quietly in the background without affecting system performance.

 

Acronis Active Protection

Acronis Ransomware Protection is based on the Acronis Active Protection technology, which monitors system processes in real time and uses unique behavioural heuristics to detect a ransomware attack.

These heuristics are constantly being improved by machine learning models that are generated by analysing hundreds of thousands of malicious and legitimate processes in the Acronis Cloud AI infrastructure.

According to Acronis, this AI-based training is “tremendously effective” in defeating all ransomware strains, including zero-day attacks that signature-based solutions cannot detect.

 

Downloading Acronis Ransomware Protection

Acronis Ransomware Protection is currently available only for the Microsoft Windows operating system. Head over to its official page for the FREE download.


Kaspersky : The Password Dilemma & Solution Revealed!

Today we log into online accounts all the time. But what if suddenly you can’t log into the account you need, when you need it? What if you get the dreaded ‘password error’ message? Do you end up not being able to get home in time, or going out without a coat in the rain?

With the reality sometimes being much more serious than that, Kaspersky Lab research has revealed the dilemma people face when protecting their online accounts.

 

The Password Dilemma & Solution Revealed!

With our increasing dependency on online accounts to get us through our day-to-day lives, Kaspersky Lab has found that people are increasingly facing a dilemma – how to choose their passwords.

Some end up using strong and different passwords for every single account so that nothing can be hacked or exploited, but risk forgetting their passwords in the process. Others choose memorable passwords that make their lives easier, but also play right into cybercriminal hands.

Option #1 – Strong Passwords That Are Hard To Remember

According to Kaspersky’s research, many consumers understand the need for strong passwords on their accounts. When asked which three of their online accounts required the strongest passwords, 63% of consumers selected online banking accounts, 42% selected payment applications including e-wallets, and 41% online shopping.

However, the difficulty of remembering all these strong passwords means people are likely to forget them and still get locked out of their accounts. Two-in-five (38%) people cannot quickly restore passwords to their personal online accounts after losing them. This may lead to feelings of frustration or stress if they can’t carry on their normal activities as a result.

When it comes to password storage, half (51%) store passwords insecurely, with a quarter (23%) writing them in a notepad so that they don’t have to remember them, which also puts their security at risk.

 

Option #2 – Weak Passwords That Are Easy To Crack

As an alternative answer to the password dilemma, and to avoid the frustration of having to remember long passwords, some people are developing other insecure password habits instead. For example, 10% use just one password for all accounts, allowing them to live their online lives seamlessly, without ever struggling to remember how to login to anything. That’s until a cybercriminal gets hold of that one key password and unlocks everything for themselves, of course.

Indeed, 17% of the consumers surveyed by Kaspersky Lab have faced the threat of, or have successfully had, an online account hacked in the past 12 months. Emails are the most targeted accounts (41%), closely followed by social media (37%), banking accounts (18%) and shopping accounts (18%).

 

There Is A Third Option After All

According to Kaspersky Lab, consumers don’t have to be limited to just two options in answering their password dilemmas. There is in fact no need for them to compromise, as Andrei Mochola, Head of Consumer Business at Kaspersky Lab, explains:

“If people have strong passwords that they can remember, they will not only be able to access everything they need, whenever they need it, but the information held in their accounts will also be secure from hackers. This is important to consumers that just want to get on with their day-to-day lives in safety – allowing them to, for example, find someone’s contact information, recall a specific meeting place, win the war in their favorite game, check their emails, or order something they need when they want, without revealing their information to any hackers or criminals.

“But remembering secure passwords is difficult, meaning users face a password dilemma every day – and often either forget strong passwords or end up creating passwords that are easy to remember but also easy to hack. However, there is a third option which can bring consumers peace of mind – using a password manager solution allows people to have strong passwords, without having to write them down in notepads or remember complicated strings of words with special characters”.

To help consumers regain control over their sprawling online identities, Kaspersky Password Manager stores all of a user’s passwords in a secure vault. They only need to remember one master password in order to access all of their accounts, taking away the panic felt when access is prevented for whatever reason.

Through a free My Kaspersky account, users can access their passwords via any device, no matter where they are or what time of day, helping them keep accounts and valuable information secure and only available to the user. The automatic password generator feature also helps create strong passwords, taking away the pain for users but giving hackers a big headache.


Pre-2016 Intel CPUs Hit Worst By Meltdown + Spectre Fix

Microsoft just revealed that pre-2016 Intel CPUs will be hit worst by the Meltdown and Spectre patches. They also pointed out that the performance impact detailed in benchmarks published so far did not include both operating system and silicon updates, and is therefore inaccurate.

Microsoft is still working on their own set of benchmarks that will look at the performance impact after both operating system and silicon updates have been applied. In the meantime, Terry Myerson, Executive Vice President of the Windows and Devices Group, shared some preliminary findings.

 

Performance Impact Of The Meltdown + Spectre Patches

According to Terry, the patches for Variant 1 (Spectre 1) and Variant 3 (Meltdown) of the speculative execution bug have minimal performance impact.

It is the Variant 2 (Spectre 2) patches, both operating system and silicon microcode, that have a significant performance impact.

Here is a summary of what Microsoft has found so far :

Windows 10 With 2016 Or Newer Intel CPUs

Intel CPU Models : Intel Skylake, Intel Kaby Lake, Intel Coffee Lake

Performance Impact : Single digit reduction in performance. Microsoft does not expect most users to notice the impact, because the percentages are “reflected in milliseconds”.

Windows 10 With Pre-2016 Intel CPUs

Intel CPU Models : Intel Broadwell, Intel Haswell, Intel Ivy Bridge, Intel Sandy Bridge, or older.

Performance Impact : Significant slowdowns in some benchmarks. Microsoft expects some users to notice the decrease in performance.

Windows 8 and Windows 7 With Pre-2016 Intel CPUs

Intel CPU Models : Intel Broadwell, Intel Haswell, Intel Ivy Bridge, Intel Sandy Bridge, or older.

Performance Impact : Significant slowdowns. Microsoft expects most users to notice the decrease in performance.

Windows Server On Any Intel CPU

Performance Impact : Significant slowdowns in any IO-intensive application.

 

Why The Difference In Performance Impact?

In the newer Intel processors (from the 2016 Skylake onwards), Intel refined the instructions used to disable branch speculation to be more specific to indirect branches. This reduces the performance impact of Spectre mitigation patches.

There is a larger performance impact with Windows 8 and Windows 7 because they have more user-kernel transitions. For example, all font rendering takes place in the kernel.

 

What Should You Do?

If you are using a newer Intel CPU like the Core i7-8700K with Windows 10, you can rest easy knowing that the performance impact of the Meltdown and Spectre patches will be minimal.

If you are using a newer Intel CPU with an older operating system like Windows 8 or Windows 7, you should consider upgrading to Windows 10. This would reduce the performance impact of the Meltdown and Spectre patches.

If you are using a pre-2016 Intel CPU with Windows 10, there is nothing much you can do except consider upgrading to a newer processor. You could possibly live with the performance impact of the Meltdown and Spectre patches.

If you are using a pre-2016 Intel CPU with an older operating system like Windows 8 or Windows 7, you can try upgrading to Windows 10 to reduce the performance impact of the Meltdown and Spectre patches.

If you are managing a Windows Server that uses Intel CPUs, you will need to balance the risk of leaving each Windows Server instance unprotected, against the significant performance impact of protecting it against Meltdown and Spectre.

 



Kaspersky Lab Protection For Household 2.0 Revealed!

Kaspersky Lab is not letting their woes with the US Department of Homeland Security distract them from their core business of protecting consumers against cyberthreats. That was the message they conveyed when they presented the Kaspersky Lab protection options for Household 2.0.

 

Household 2.0

The modern home has changed. In the new era of Household 2.0 which consists of 2.4 people and 0.3 pets, there is an average of 6.3 connected devices per house! Yet, the Kaspersky Cybersecurity Index found that 39% of people are leaving their devices unprotected from cyberthreats like hacking, malware, financial fraud and more.

To protect these connected devices that play such a prominent role in Household 2.0, Kaspersky Lab is introducing updated versions of Kaspersky Internet Security and Kaspersky Total Security.

 

Kaspersky Lab Protection For Household 2.0

The updated Kaspersky Internet Security and Kaspersky Total Security come with anti-phishing technology to prevent users from falling victim to fake or spam emails, fake websites and fraud.

In addition, the updated URL Advisor tells a user whether a link in the search engine leads to a trusted, suspicious, dangerous or phishing website, or a website that may cause their computer harm, via a special indicator close to each link.

Many people are also worried about ransomware and the loss of their digital memories. To give them peace of mind, the new Kaspersky Internet Security and Kaspersky Total Security have updated anti-ransomware features.

Protecting your mobile devices is the new App Lock feature for Android. You can now protect specific apps like instant messaging services, social media or email accounts with a secret code. You can also use the Kaspersky Secure Connection service to encrypt your network traffic whenever you use a public or insecure Wi-Fi network.

Children are also increasingly connected to the Internet. To protect them, parents can use Kaspersky Safe Kids parental controls in Kaspersky Total Security to set time limits, restrict applications and prevent access to pages with adult content, obscene language or information on drugs and weapons.

 

The 2018 Kaspersky Lab Product Price List

| Products | One Device | Three Devices | Five Devices |
|---|---|---|---|
| Kaspersky Total Security | RM 109 / ~US$ 27 | RM 199 / ~US$ 49 | NA |
| Kaspersky Internet Security | RM 100 / ~US$ 24 | RM 179 / ~US$ 44 | RM 249 / ~US$ 68 |
| Kaspersky Anti-Virus | RM 39.90 / ~US$ 9.70 | RM 119 / ~US$ 29 | RM 199 / ~US$ 49 |


The Kaspersky Think Security Campaign

In conjunction with the announcement of the new Kaspersky Lab protection for Household 2.0, Techlane Resources, the Kaspersky Lab distributor in Malaysia, announced the Kaspersky Think Security Campaign.

You can now purchase Kaspersky Internet Security 3 Devices 1 Year at RM 179 / US$ 44 and get the following Kaspersky products absolutely FREE :

  • Kaspersky Internet Security 1 Device 1 Year,
  • Kaspersky Internet Security for Mac 1 Year, and
  • Kaspersky Internet Security for Android 1 Device 1 Year

You can also purchase Kaspersky Anti-Virus 1 Device 1 Year at RM 39.90 / ~US$ 9.70 and get the following Kaspersky products absolutely FREE :

  • Kaspersky Anti-Virus 1 Device 1 Year,
  • Kaspersky Internet Security for Mac 1 Year, and
  • Kaspersky Internet Security for Android 1 Device 1 Year


Kaspersky Lab Challenges DHS Ban Of Kaspersky Products

December 19, 2017 – Kaspersky Lab is challenging the DHS ban of the use of its products in federal agencies. In a statement issued today, Kaspersky Lab announced that it is seeking an appeal in federal court of U.S. Department of Homeland Security’s (DHS) decision on Binding Operational Directive 17-01 banning the use of the company’s products in federal agencies.  

 

Kaspersky Lab Challenges DHS Ban Of Kaspersky Products

Kaspersky Lab has filed an appeal under the Administrative Procedure Act to enforce its constitutional due process rights and challenge the DHS ban on the use of the company’s products and solutions by U.S. government agencies.

The company asserts that the DHS’s decision is unconstitutional and relied on subjective, non-technical public sources such as uncorroborated and often anonymously sourced media reports, related claims, and rumours.

Furthermore, Kaspersky Lab claims that the DHS failed to provide the company adequate due process to rebut the unsubstantiated allegations underlying the Directive and has not provided any evidence of wrongdoing.

Kaspersky Lab reached out to DHS in mid-July, offering to provide any information or assistance concerning the company, its operations, or its products. In mid-August, DHS confirmed receipt of the company’s letter, appreciating the offer to provide information and expressing interest in future communications with Kaspersky Lab regarding the matter.

However, the next communication from DHS to Kaspersky Lab was notification regarding the issuance of Binding Operational Directive 17-01 on September 13, 2017.

The DHS ban on the use of Kaspersky products in federal agencies damaged Kaspersky Lab’s reputation and its sales in the U.S. In filing this appeal, Kaspersky Lab hopes to protect its due process rights under the U.S. Constitution and federal law and repair the harm caused to its commercial operations, its U.S.-based employees, and its U.S.-based business partners.

“Because Kaspersky Lab has not been provided a fair opportunity in regards to the allegations and no technical evidence has been produced to validate DHS’s actions, it is in the company’s interests to defend itself in this matter. Regardless of the DHS decision, we will continue to do what really matters: make the world safer from cybercrime,” said Eugene Kaspersky, CEO of Kaspersky Lab.

 

The Kaspersky Global Transparency Initiative

On 23 October 2017, Kaspersky Lab launched its Global Transparency Initiative. This Initiative will include :

  • an independent review of the company’s source code, software updates and threat detection rules;
  • an independent review of internal processes to verify the integrity of the company’s solutions and processes;
  • three transparency centers by 2020, in Asia, Europe and the U.S.; and
  • increased bug bounty rewards up to $100k per discovered vulnerability in Kaspersky Lab products.

You can read more about this initiative in our article – How Kaspersky Lab Plans To Counter Alleged Ties To Russian Intelligence.


The Symantec 2018 Cybersecurity Predictions

David Rajoo, Director of Systems Engineering, Symantec Malaysia, reveals the Symantec 2018 Cybersecurity Predictions. They will help CIOs and cybersecurity experts prepare for the onslaught of cybersecurity threats in 2018.

 

This past year, cyber criminals caused major service disruptions around the world, using their increasing technical proficiency to break through cyber defenses. In 2018, we expect the trend to become more pronounced as these attackers will use machine learning and artificial intelligence to launch even more potent attacks.

Gear up for a busy year ahead. Incidents like the WannaCry attack, which impacted more than 200,000 computers worldwide in May, are just the warmup to a new year of more virulent malware and DDoS attacks. Meanwhile, cyber criminals are poised to step up their attacks on the millions of devices now connected to the Internet of Things both in offices and homes.

The cybersecurity landscape in 2018 is sure to surprise us in ways that we never imagined. As 2017 draws to a close, here is what you can expect over the course of the upcoming year:

 

Blockchain Will Find Uses Outside Of Cryptocurrencies But Cyber Criminals Will Focus On Coins And Exchanges

Blockchain is finally finding applications outside of crypto-currencies, expanding its functions in inter-bank settlements with the help of IoT gaining traction. However, these use cases are still in their infancy and are not the focus for most cyber criminals today.

Instead of attacking Blockchain technology itself, cyber criminals will focus on compromising coin-exchanges and users’ coin-wallets since these are the easiest targets, and provide high returns. Victims will also be tricked into installing coin-miners on their computers and mobile devices, handing their CPU and electricity over to cyber criminals.

 

Cyber Criminals Will Use Artificial Intelligence (AI) & Machine Learning (ML) To Conduct Attacks

No cyber security conversation today is complete without a discussion about AI and ML. So far, these conversations have been focused on using these technologies as protection and detection mechanisms. However, this will change in the next year with AI and ML being used by cyber criminals to conduct attacks.

It is the first year where we will see AI versus AI in a cybersecurity context. Cyber criminals will use AI to attack and explore victims’ networks, which is typically the most labour-intensive part of compromise after an incursion.


Supply Chain Attacks Will Become Mainstream

Supply chain attacks have been a mainstay of classical espionage and signals-intelligence operators, compromising upstream contractors, systems, companies and suppliers. They are proven to have a high level of effectiveness, with nation-state actors using a mix of human intelligence to compromise the weakest link in the chain.

These attacks are moving into the cybercriminal space, becoming mainstream. With publicly available information on suppliers, contractors, partnerships and key-people, cyber criminals can find victims in the supply chain and attack the weakest link. With a number of high profile successful attacks in 2016 and 2017, cyber criminals will focus on this method in 2018.

 

File-less and File-light Malware Will Explode

2016 and 2017 have seen consistent growth in the amount of file-less and file-light malware, with attackers capitalising on organizations that lack preparation against such threats. With fewer Indicators of Compromise (IoC), use of the victims’ own tools, and complex disjointed behaviours, these threats have been harder to stop, track and defend against in many scenarios.

Like the early days of ransomware, where early success by a few cyber criminals triggered a gold-rush mentality, more cyber criminals are now rushing to use these same techniques. Although file-less and file-light malware will still be outnumbered by orders of magnitude by traditional-style malware, they will pose a significant threat and lead to an explosion in 2018.


 

Organisations Will Still Struggle With Software-as-a-Service (SaaS) Security

Adoption of SaaS continues to grow at an exponential rate as organizations embark on digital transformation projects to drive business agility. This rate of change and adoption presents many security challenges as access control, data control, user behaviour and data encryption vary significantly between SaaS apps. While this is not new and many of the security problems are well understood, organizations will continue to struggle with all these in 2018.

Combined with new privacy and data protections laws adopted by regulators across the world, these will pose major implications in terms of penalties, and more importantly, reputational damage.

 

Organisations Will Still Struggle With Infrastructure-as-a-Service (IaaS) Security – More Breaches Due to Error, Compromise & Design

IaaS has completely changed the way organisations run their operations, offering massive benefits in agility, scalability, innovation and security. It also introduces significant risks, with simple errors that can expose massive amounts of data and take down the entire system.

While security controls above the IaaS layer are the customer’s responsibility, traditional controls do not map well – leading to confusion, errors and design issues with ineffective or inappropriate controls being applied, while new controls are ignored. This will lead to more breaches throughout 2018 as organizations struggle to shift their security programs to be IaaS effective.


Financial Trojans Will Still Account For More Losses Than Ransomware

Financial Trojans were some of the first pieces of malware to be monetised by cyber criminals. From simple beginnings as credential harvesting tools, they have since evolved to advanced attack frameworks that target multiple banks, and banking systems that send shadow transactions and hide their tracks. They have proven to be highly profitable for cyber criminals.

Today the move to mobile application-based banking has curtailed some of the effectiveness, so cyber criminals are now moving their attacks to these platforms. Cyber criminals’ profits from Financial Trojans are expected to grow, giving them higher gains as compared to Ransomware attacks.

 

Expensive Home Devices Will Be Held To Ransom

Ransomware has become a major problem and is one of the scourges of the modern Internet, allowing cyber criminals to reap huge profits by locking up users’ files and systems. The gold-rush mentality has not only pushed more and more cyber criminals to distribute ransomware, but also contributed to the rise of Ransomware-As-A-Service and other specializations in the cyber criminal underworld.

These specialists are now looking to expand their attack reach by exploiting the massive increase in expensive connected home devices. Smart TVs, smart toys and other smart appliances can run into thousands of dollars and users are generally not aware of the threats to these devices, making them an attractive target for cyber criminals.


 

IoT Devices Will Be Hijacked and Used in DDoS Attacks

In 2017, we have seen massive DDoS attacks using hundreds of thousands of compromised IoT devices in people’s homes and workplaces to generate traffic. This is not expected to change with cyber criminals looking to exploit the poor security settings and management of home IoT devices.

Furthermore, the inputs and sensors of these devices will also be hijacked, with attackers feeding audio, visual or other faked inputs to make these devices do what they want rather than what users expect them to do.

 

IoT Devices Will Provide Persistent Access to Home Networks

Beyond DDoS attacks and ransomware, home IoT devices will be compromised by cyber criminals to provide persistent access to a victim’s network. Home users generally do not consider the cyber security implications of their home IoT devices, leaving default settings and not vigilantly updating them like they do with their computers.

Persistent access means that no matter how many times a victim cleans their machine or protects their computer, the attacker will always have a backdoor into victims’ network and the systems that they connect to.


Palo Alto Networks : Not Enough Cybersecurity Staff In Healthcare

Palo Alto Networks revealed that despite an increase in cybersecurity budgets, there is a lack of dedicated cybersecurity staff in the healthcare industry.

 

SINGAPORE, 29 November 2017 – As the adoption of digital technology in the healthcare industry accelerates, there is an increasing need to protect another side of patients’ and healthcare organisations’ well-being – the security of their personal data. This emphasis on protecting data and mitigating cyberthreats is reflected in the industry’s significant investment into cybersecurity.

According to a recent survey * by Palo Alto Networks, about 70 percent of healthcare organisations in Asia-Pacific say that 5 to 15 percent of their organisation’s IT budget is allocated to cybersecurity.

The survey was conducted amongst more than 500 business professionals in APAC, covering Australia, China, Hong Kong, India and Singapore markets.

However, despite substantial budgets, there seems to be a need for the healthcare industry to catch up with industry peers in terms of cybersecurity talent, with only 78 percent having a team in their organisations dedicated to IT security, the lowest among other industries surveyed. This is also well below the industry-wide average of 86 percent.

 

Risk factors

Aside from monetary loss associated with data breaches and availability of connected devices which monitor patient lives, healthcare professionals are most worried about the loss of clients’ contacts, financial or medical information – 30 percent have cited loss of details as key. Fear of damaging the company’s reputation among clients comes next at 22 percent, followed by 17 percent citing company downtime while a breach is being fixed as a concern.

Cybersecurity risks in healthcare organisations are also amplified with BYOD (Bring Your Own Device), with 78 percent of organisations allowing employees to access work-related information with their own personal devices such as their mobile phones and computers. In addition to this, 69 percent of those surveyed say they are allowed to store and transfer their organisation’s confidential information through their personal devices.

While 83 percent claimed there are security policies in place, only 39 percent admit to reviewing these policies more than once a year – lower than the 51 percent of respondents from the finance industry, a sector also known to hold sensitive client data.


 

Call to get in shape for the future

As more healthcare organisations fall prey to cyberattacks, such as ransomware, a lapse in data security is a real threat to the industry, hence organisation-wide education and awareness are crucial towards ensuring that the right preventive measures are implemented and enforced.

54 percent of the respondents cited an inability to keep up with evolving solutions as a barrier to ensuring cybersecurity in their organisations, and 63 percent of respondents cited an ageing internet infrastructure as the likely main reason for cyberthreats, should they happen.

 

Palo Alto Networks Tips For Healthcare Organisations

Here are some tips for healthcare organisations:

  • Ensure that medical devices are equipped with up-to-date firmware and security patches to address cybersecurity risks. Medical devices are notoriously vulnerable to cyberattacks because security is often an afterthought when the devices are designed and maintained by the manufacturer. These precautionary measures may include having an inventory of all medical devices, assessing network architecture and determining a patch management plan for medical devices, as well as developing a plan to migrate medical devices to the medical device segment.
  • Apply a zero trust networking architecture for hospital networks, making security ubiquitous throughout, not just at the perimeter. Healthcare organisations should look to segment devices and data based on their risk, inspecting network data as it flows between segments, and requiring authentication to the network and to any application for any user on the network.
  • Practices such as BYOD and some employees’ ability to store and transfer confidential information through their personal devices put them at a higher risk of phishing attacks. To prevent this, healthcare providers should ensure that staff undergo regular end-user security training to reduce successful phishing. Cybersecurity best practices can be taught as a new hire class for every employee.
  • As healthcare organisations migrate portions of their critical infrastructure and applications to the cloud, it becomes imperative for an advanced and integrated security architecture to be deployed to prevent cyberattacks on three prongs: the network, the endpoint and the cloud. Traditional antivirus will not be effective in guarding against advanced malware such as ransomware, which continuously changes to avoid detection.


The macOS High Sierra Root Bug Explained! Rev. 2.0

The Internet is abuzz with the shocking revelation that now everyone can hack an Apple computer… as long as it’s using the latest macOS High Sierra operating system. Let us explain what’s going on, and share with you the workaround for the macOS High Sierra root bug.

Updated @ 2017-11-30 : Added a new section on the Apple bug fix (Security Update 2017-001) [1], and additional information on the root bug [2].

Originally posted @ 2017-11-29

 

What Is Root User?

If you are the primary user of a MacOS X system, you have an administrator account with administrator privileges. This gives you more privileges and access than a standard user account. However, that is not the highest access level possible.

There is a Mac superuser account called “root” that gives you elevated read and write privileges to hidden or protected areas of the system. With the Mac root user account, you can even access files in other user accounts.

It gives you such God-like powers that you can modify or even delete critical system files. In fact, a Mac root user can use the rm -rf * command to delete the contents of every mounted drive in the computer, until macOS crashes when a crucial file or folder is deleted.

So this Mac root user account should remain disabled unless you really, REALLY need to use it.

Suggested Reading : The Mac Root User Login & Password Guide

 

The macOS High Sierra Root Bug Updated!

On Tuesday, 28 November 2017, Turkish software developer Lemi Orhan Ergin revealed the macOS High Sierra root bug. With a few simple steps, anyone can gain elevated root user privileges in any computer running macOS High Sierra! Here is a summary of what we know about the root bug :

  1. The root bug exploit requires a computer running macOS High Sierra, with multiple user accounts.
  2. When prompted for a username and password, use these steps to gain root user access without any password :
    • Type “root” as the username and leave the password field blank.
    • Just click “Unlock” twice.
  3. The root bug cannot be exploited remotely, unless screen sharing is enabled.
  4. The root bug was introduced in macOS High Sierra 10.13.1. Earlier versions of macOS were not affected.
  5. Apple confirmed that the bug was due to “a logic error… in the validation of credentials”.
  6. Apple also confirmed that the bug would allow an attacker to “bypass administrator authentication without supplying the administrator’s password”.
  7. Several security researchers successfully replicated the bug.

 

How Serious Is This Root Bug?

The macOS High Sierra root bug is EXTREMELY serious, because it allows a hacker to easily bypass all of the macOS operating system’s security protections.

It doesn’t matter if you encrypted your computer, and secured it with an extremely long and complex password. Anyone who gains root user privileges using this bug can access (read, copy or move) the files in any user account (even those of an administrator) without knowing the password.

What’s even more troubling is that the root bug works even with a disabled root user account. This means the vast majority of Apple computers running High Sierra are vulnerable, as the root user account is disabled by default.

 

How To Fix The Root Bug?

Unlike other security researchers, Lemi Orhan Ergin did not forewarn Apple before publicly revealing the bug, on Twitter no less. He basically exposed a zero-day vulnerability for hackers to use, while Apple rushes to fix the bug.

1. Install macOS Security Update 2017-001 New!

Apple just released Security Update 2017-001. This update will remove the root bug and improve credential validation. INSTALL THIS UPDATE NOW!

Note : This bug fix will reset and disable the root user account.  If you need to use the root user account, you will need to re-enable it, and change its password, after applying the update.

Note : Apple rushed out this update so quickly that they accidentally used a space instead of the version number. You can read more about this in our article – Apple Rushed Out macOS Root Bug Fix & It Shows…

This is not an issue if you are downloading the patch through the App Store. But if you’re applying the patch via Terminal, you need to add a space.

softwareupdate -i "Security Update 2017-001- "

2. Enable Root User With Your Own Password


If you cannot apply Apple’s bug fix yet, you can block this root bug by enabling the root user account, and setting a password for it.

It’s not so straightforward, so we created a step-by-step guide for you – The Mac Root User Login & Password Guide.

3. Use Additional Encryption

Alternatively, you can opt to move your sensitive data to encrypted containers or drives using third-party encryption utilities like VeraCrypt. Hackers may use the High Sierra root bug to gain access to the encrypted containers or drives, but without the correct password, the actual data won’t be accessible.

4. Physically Protect Your Apple Computer

The good news is the High Sierra root bug generally requires physical access to your Apple computer. Until this bug is fixed, you should make sure your Apple computer is never left unsupervised.

Keep it in a locked room or bag, whenever you are not using it. If no one can get to it, they cannot use the bug to gain root access.

5. Disable Screen Sharing

The High Sierra root bug can be exploited remotely if Screen Sharing is enabled. So make sure you disable Screen Sharing.


The Mac Root User Login & Password Guide

Want to have elevated God-like privileges to your Mac OS X system? Then you need to be a Mac root user. In this guide, we will teach you how to enable the root user account in OS X, change the password, and disable it.

For experienced users or power users, you can use Terminal to quickly make these changes :


If you are an inexperienced user, you can use the GUI method, which has more steps but does not require keying in commands.

 

What Is The Mac Root User?

If you are the primary user of a MacOS X system, you have an administrator account with administrator privileges. This gives you more privileges and access than a standard user account. However, that is not the highest access level possible.

There is a Mac superuser account called “root” that gives you elevated read and write privileges to hidden or protected areas of the system. With the Mac root user account, you can even access files in other user accounts.

In fact, it gives you such God-like powers that you can modify or even delete critical system files. So this Mac root account should remain disabled unless you really, REALLY need to use it.

macOS High Sierra currently has a root bug that allows practically anyone to gain root access in a few simple steps. Therefore, Apple advises you to enable the Mac root account, with your own password, until they fix the bug.

Suggested Reading : The macOS High Sierra Root Bug Explained

 

How To Enable The Mac Root User / Change Password (Terminal Method)

Requisite : You need to be logged into an administrator account.

Please note that this method is used both to enable the root account and to change its password. The single command sudo passwd root changes the password and enables the root account at the same time.

Step 1 : Click on the Apple menu, and select System Preferences.

Step 2 : Click on Utilities, and select Terminal.

Step 3 : Type sudo passwd root and press Enter.

sudo passwd root

Step 4 : You will be asked for your administrator password, not the new root password. Key in your administrator password and hit Enter.

Step 5 : Now key in the new root password, and hit Enter. Then retype the new root password for verification, and hit Enter.

That’s it! You have successfully enabled the Mac root account, with a password of your choice. To use it, you need to log off your administrator account.


 

How To Disable The Mac Root User (Terminal Method)

Requisite : You need to be logged into an administrator account.

Step 1 : In Terminal, type dsenableroot -d and press Enter.

dsenableroot -d

Step 2 : Key in your administrator password (not the root user password), and hit Enter.

If you succeed, you will see the notification : ***Successfully disabled root user.
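To check the result of the Terminal steps above, the following added example (not part of the original guide) reports whether the root account currently has a password record and whether the Security Update 2017-001 fix is still waiting to be installed. The function names, the assumed dscl and softwareupdate -l output formats, and the sample outputs are constructed for illustration; it assumes a High Sierra system and an administrator account.

```shell
#!/bin/sh
# Added example: audit the root account after enabling or disabling it.

# Constructed sample outputs (assumed formats, used when not on macOS).
SAMPLE_DSCL_DISABLED='No such key: AuthenticationAuthority'
SAMPLE_DSCL_ENABLED='AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2>'
SAMPLE_SWU_PENDING='Software Update found the following new or updated software:
   * Security Update 2017-001- 
	Security Update 2017-001 ( ), 1000K [recommended]'
SAMPLE_SWU_NONE='No new software available.'

# Takes the text printed by:
#   dscl . -read /Users/root AuthenticationAuthority
# Prints "enabled" if a ShadowHash record is present, else "disabled".
# Assumption: a disabled root account has no AuthenticationAuthority key.
classify_root_auth() {
    case "$1" in
        *AuthenticationAuthority:*ShadowHash*) echo "enabled" ;;
        *) echo "disabled" ;;
    esac
}

# Takes the text printed by `softwareupdate -l`.
# Prints "pending" if the fix named in the article is still on offer,
# else "not-listed" (installed already, or the machine could not check).
classify_update() {
    case "$1" in
        *"Security Update 2017-001"*) echo "pending" ;;
        *) echo "not-listed" ;;
    esac
}

# Combines both findings into one verdict line.
# $1 = dscl output, $2 = softwareupdate -l output
assess() {
    root_state=$(classify_root_auth "$1")
    update_state=$(classify_update "$2")
    case "$update_state/$root_state" in
        pending/disabled)
            echo "EXPOSED: install the update, or set a root password with 'sudo passwd root'" ;;
        pending/enabled)
            # "enabled" only means a password record exists. If you did not
            # set it yourself, set a new one with 'sudo passwd root'.
            echo "PARTIAL: root has a password record; still install the update" ;;
        not-listed/enabled)
            echo "REVIEW: root is enabled; run 'dsenableroot -d' if you do not need it" ;;
        not-listed/disabled)
            echo "OK: root is disabled and the update is not outstanding" ;;
    esac
}

if [ "$(uname -s)" = "Darwin" ] && command -v dscl >/dev/null 2>&1; then
    # Live check on the local machine.
    assess "$(dscl . -read /Users/root AuthenticationAuthority 2>&1)" \
           "$(softwareupdate -l 2>&1)"
else
    # Not macOS: show the verdicts for the constructed samples instead.
    assess "$SAMPLE_DSCL_DISABLED" "$SAMPLE_SWU_PENDING"
    assess "$SAMPLE_DSCL_ENABLED" "$SAMPLE_SWU_NONE"
fi
```

A REVIEW or PARTIAL verdict on a machine where nobody deliberately enabled root is worth following up by setting a fresh root password or disabling the account again.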


How To Enable The Mac Root User Account (GUI Method)

Requisite : You need to be logged into an administrator account.

Step 1 : Click on the Apple menu, and select System Preferences.

Step 2 : Click on Users & Groups.

Step 3 : In the Users & Groups screen, click on the lock and key in your administrator name and password.

Step 4 : Click on Login Options.


Step 5 : Click on the Join… (or Edit…) button next to Network Account Server.

Step 6 : Click on the Open Directory Utility… button.

Step 7 : Click on the lock, and key in your administrator name and password.

Step 8 : In the Directory Utility menu bar, select Edit and click on Enable Root User.

Step 9 : Now, key in the password you want, and a second time for verification, and click OK.

That’s it! You have successfully enabled the Mac root user account, with a password of your choice. To use it, you need to log off your administrator account.


How To Change The Mac Root User Password (GUI Method)

Requisite : You need to be logged into an administrator account, and have the root user account enabled.

If you have just enabled the root user account, and are still in the Directory Utility screen, skip ahead to Step 8.

Step 1 : Click on the Apple menu, and select System Preferences.

Step 2 : Click on Users & Groups.

Step 3 : In the Users & Groups screen, click on the lock and key in your administrator name and password.

Step 4 : Click on Login Options.

Step 5 : Click on the Join… (or Edit…) button next to Network Account Server.


Step 6 : Click on the Open Directory Utility… button.

Step 7 : Click on the lock, and key in your administrator name and password.

Step 8 : In the Directory Utility menu bar, select Edit and click on Change Root Password.

Step 9 : Now, key in the new password you want, and a second time for verification, and click OK.

That’s it! You have successfully changed the Mac root user password. To use it, you need to log off your administrator account.


How To Disable The Mac Root User Account (GUI Method)

Requisite : You need to be logged into an administrator account, and have the root user account enabled.

If you have just enabled the root user account, and are still in the Directory Utility screen, skip ahead to Step 8.

Step 1 : Click on the Apple menu, and select System Preferences.

Step 2 : Click on Users & Groups.

Step 3 : In the Users & Groups screen, click on the lock and key in your administrator user name and password.

Step 4 : Click on Login Options.


Step 5 : Click on the Join… (or Edit…) button next to Network Account Server.

Step 6 : Click on the Open Directory Utility… button.

Step 7 : Click on the lock, and key in your administrator name and password.

Step 8 : In the Directory Utility menu bar, select Edit and click on Disable Root User.

That’s it! You have successfully disabled the Mac root user account.


The Trend Micro Red Code 2017 Key Takeaway Points

On the sidelines of Trend Micro Red Code 2017, Trend Micro and Cyber Security Malaysia gave us a briefing on the key takeaway points from the cybersecurity conference.

The Trend Micro team comprised Goh Chee Hoh (Trend Micro Malaysia Managing Director), Ryan Flores (Senior Manager, Future Threat Research, Trend Micro AP) and Law Chee Wan (Technical Sales, Trend Micro Malaysia). Cyber Security Malaysia was represented by Dr. Aswami Ariffin (Senior VP, CyberDEF@CSRS).

 

Cybersecurity Best Practices

  • Keep legacy and current systems secure: There are organizations still using Windows XP, Vista, or 7, for all of which Microsoft has ended support. This means there will no longer be security patches or updates, leaving these systems vulnerable to cyberattacks. The recommendation is to quickly move to a new system or keep the current ones secure with third-party security software.
  • Protect data storage systems: Wherever data is – on-premise, cloud, or in virtualized or hybrid environments – it has to be protected.
  • Detect/prevent breaches: Targeted attacks can breach your organization without ever alerting traditional early warning and defense systems. Fail to spot an incursion, and you could be hit with industry fines, reputation damage and legal costs.
  • Protect information on endpoints: Your organization could have information residing on mobile devices, laptops, and multiple virtual and physical endpoints. The more endpoints, the greater the risk surface.
  • Data encryption: Encrypted data is “useless” to a hacker without the decryption key. It is imperative to encrypt sensitive data both in transit and at rest.
  • Backup of data: It is extremely important to have backups of consumer data. In the event that a breach happens and all information is stolen or encrypted by the hacker, at the very least an organization would still have the backups to carry on daily service, while trying to resolve the issue.
  • Frequent assessments: Regular “checkups” on the capabilities of the system as well as the knowledge and education of employees are important. Trend Micro offers server assessments and also recommends that the people within the organization be assessed via methods such as sending out test “phishing” emails.

 

Cybersecurity Awareness

  • Cybersecurity awareness programs help get employees up to speed with the latest attacks, safe internet practices, security policies, and how to spot a security threat.
  • Within an organization, there must be security policies governing the use of data and access to certain systems and programs.

 

Multi-Layered Security

To mitigate the risk of infection as effectively as possible, organizations should take a layered approach to security – from the gateway to the network, server and endpoint.

  1. Email and Web Gateway Protection
    This will give a good chance of preventing most ransomware from reaching your users – whether that’s via a phishing email or a malicious website.
  2. Endpoint Security
    For the small percentage of ransomware threats that might make it through the web/email gateway protection, endpoint security monitors for suspicious behavior, enforces application whitelists and features vulnerability shielding to protect against unpatched vulnerabilities that ransomware often takes advantage of.
  3. Network Defense
    This layer guards against ransomware that spreads into the organization via network protocols.
  4. Server Protection
    This is where most of the organization’s critical enterprise data will reside. It is essential to ensure any unpatched vulnerabilities are protected from ransomware via virtual patching, through a security solution which can monitor for lateral movement and file integrity.


Kaspersky Lab Reveals Mokes Backdoor In NSA Leak

Kaspersky Lab just issued an update on their internal investigation into the alleged downloading of NSA hacking tools by Russian hackers, and their own team. Their update provides new insights into the hack, including their new findings on the Mokes backdoor used to gain access to the infected computer.

 

What’s Going On With Kaspersky Lab?

Kaspersky Lab can’t seem to get ahead of the bad publicity over the alleged downloading of NSA hacking tools from an NSA employee’s home computer. After the incident was first reported in the Wall Street Journal, Kaspersky Lab launched an internal investigation.

They have also recently announced their Global Transparency Initiative to combat the perception that they are helping the Russian government attack Western interests.


 

Kaspersky Lab’s Initial Findings

Kaspersky Lab published these initial findings on 25 October:

  • On September 11, 2014, a Kaspersky Lab product installed on the computer of a U.S.-based user reported an infection of what appeared to be variants of malware used by the Equation APT group – a sophisticated cyber threat actor whose activity had already been under active investigation since March 2014.
  • Sometime after this, the user seems to have downloaded and installed pirated software on their machine, specifically a Microsoft Office ISO file and an illegal Microsoft Office 2013 activation tool (aka “keygen”).
  • To install the pirate copy of Office 2013, the user appears to have disabled the Kaspersky Lab product on their computer, because executing the illegal activator tool would not have been possible with the antivirus enabled.
  • The illegal activation tool contained within the Office ISO was infected with malware. The user was infected with this malware for an unspecified period while the Kaspersky Lab product was inactive. The malware consisted of a full-blown backdoor which could have allowed other third-parties to access the user’s machine.
  • When re-enabled, the Kaspersky Lab product detected the malware with the verdict Backdoor.Win32.Mokes.hvl and blocked this malware from calling out to a known command and control server. The first detection of the malicious setup program was on October 4, 2014.
  • In addition, the antivirus product also detected new and previously known variants of Equation APT malware.
  • One of the files detected by the product as new variants of Equation APT malware was a 7zip archive which was sent back, in accordance with the end-user and KSN license agreements, to the Kaspersky Virus Lab for further analysis.
  • Upon analysis, it was discovered that the archive contained a multitude of files, including known and unknown tools of Equation group, source code, as well as classified documents. The analyst reported the incident to the CEO. Following a request from the CEO, the archive itself, source code, and any apparently classified data were deleted within days from the company’s systems. However, files that are legitimate malware binaries currently remain in Kaspersky Lab storage. The archive was not shared with any third-parties.
  • The reason Kaspersky Lab deleted those files and will delete similar ones in the future is two-fold: first, it needs only malware binaries to improve protection and, secondly, it has concerns regarding the handling of potentially classified material.
  • Because of this incident, a new policy was created for all malware analysts: they are now required to delete any potentially classified material that has been accidentally collected during anti-malware research.
  • The investigation did not reveal any other similar incidents in 2015, 2016 or 2017.
  • To date, no other third-party intrusion aside from Duqu 2.0 has been detected in Kaspersky Lab’s networks.

 

The Mokes Backdoor & Other New Findings

Kaspersky Lab continued their investigation, issuing a new report that confirmed their initial findings above. It also provided additional insight into the analysis of the telemetry of suspicious activities registered on that NSA employee’s computer that was sent to their servers.

One of the major discoveries was the detection of the Mokes backdoor on that NSA employee’s computer. The Mokes backdoor is malware that allows an attacker to remotely access the computer.

Curious Mokes backdoor background

It is publicly known that the Mokes backdoor (also known as “Smoke Bot” or “Smoke Loader”) appeared on Russian underground forums when it was made available for purchase in 2014. Kaspersky Lab research shows that, during the period of September to November 2014, the command and control servers of this malware were registered to what was presumably a Chinese entity going by the name “Zhou Lou”.

Moreover, deeper analysis of Kaspersky Lab telemetry showed that the Mokes backdoor may not have been the only malware infecting the PC in question at the time of the incident, as other illegal activation tools and keygens were detected on the same machine.

More non-Equation malware

Over a period of two months, the product reported alarms on 121 items of non-Equation malware: backdoors, exploits, Trojans and AdWare. All of these alerts, combined with the limited amount of available telemetry, mean that while Kaspersky Lab can confirm that their product spotted the threats, it is impossible to determine if they were executing during the period the product was disabled.

 

Kaspersky Lab’s Conclusions

Their investigation has so far concluded that:

  • The Kaspersky Lab software performed as expected and notified our analysts of alerts on signatures written to detect Equation APT group malware that was already under investigation for six months. All of this in accordance with the description of the declared product functionality, scenarios, and legal documents which the user agreed to prior to the installation of the software.
  • What is believed to be potentially classified information was pulled back because it was contained within an archive that fired on an Equation-specific APT malware signature.
  • Besides malware, the archive also contained what appeared to be source code for Equation APT malware and four Word documents bearing classification markings. Kaspersky Lab doesn’t possess information on the content of the documents as they were deleted within days.
  • Kaspersky Lab cannot assess whether the data was “handled appropriately” (according to U.S. Government norms) since our analysts have not been trained on handling U.S. classified information, nor are they under any legal obligation to do so. The information was not shared with any third party.
  • Contrary to multiple media publications, no evidence has been found that Kaspersky Lab researchers have ever tried to issue “silent” signatures aimed at searching for documents with words like “top secret” and “classified” and other similar words.
  • The Mokes backdoor infection and potential infections of other non-Equation malware point to the possibility that user data could have been leaked to an unknown number of third-parties as a result of remote access to the computer.


How Kaspersky Lab Plans To Counter Alleged Ties To Russian Intelligence

Alleged Ties To Russian Intelligence

Kaspersky Lab can’t seem to get rid of the stigma of being a Russian company. Even after Eugene Kaspersky publicly declared that Russian President Vladimir Putin is not his friend, and offered to show his source code to the US government, he can’t shake off the perception that he’s helping the Russian government attack Western interests.

It did not help that Israeli government hackers provided the US National Security Agency (NSA) with evidence that Russian hackers used Kaspersky Lab software to scan for American classified programs. They also found NSA hacking tools in the Kaspersky Lab network, the same tools that the NSA later confirmed were in Russian intelligence hands.

That was what led to the US General Services Administration directive to remove Kaspersky Lab from its list of approved vendors, and the US Senate to call for a government-wide ban.

There is no evidence that Kaspersky Lab itself was complicit in helping Russian intelligence scan for American classified programs, or obtain the NSA hacking tools. It is entirely possible that the Russian intelligence hackers merely exploited the same flaws in Kaspersky Lab software that the Israelis used to gain access to their network and software.

However, all these controversies have greatly undermined Kaspersky Lab’s credibility and sales worldwide.

 

The Kaspersky Lab Global Transparency Initiative

The Kaspersky Lab Global Transparency Initiative attempts to prove to their customers (and potential customers) that there are no backdoors in their software. Under this initiative, Kaspersky Lab will make their source code, including software updates and threat detection rules, available for independent review and evaluation.

Their Global Transparency Initiative will kick off with these actions:

  1. Kaspersky Lab will offer their source code for an independent review by Q1 2018, with similar independent reviews of their software updates and threat detection rules to follow.
  2. An independent assessment of the Kaspersky Lab development lifecycle processes, and its software and supply chain risk mitigation strategies, will begin by Q1 2018.
  3. Additional controls to govern Kaspersky Lab data processing practices, with verification by an independent party, will be developed by Q1 2018.
  4. Three Transparency Centers will be established in Asia, Europe and the US to address security issues with Kaspersky Lab partners, customers and government stakeholders. They will also serve as a facility for “trusted partners to access reviews on the company’s code, software updates and threat detection rules”. The first Transparency Center will open by 2018, with the rest by 2020.
  5. Kaspersky Lab will increase their bug bounty awards up to $100,000 for the most severe vulnerabilities found under their Coordinated Vulnerability Disclosure program by the end of 2017.

Kaspersky Lab will later announce the next phase of the Global Transparency Initiative, after engaging with their stakeholders and the cybersecurity community.

 

What This Does Not Address


The initial phase of the Kaspersky Lab Global Transparency Initiative will help verify, and assure their customers, that there are no backdoors in their software. However, it does not address a major concern for the US government – the fact that their data is routed through Russian Internet service providers that are subject to the Russian intelligence surveillance system called SORM (System of Operative-Investigative Measures).

Kaspersky Lab has said that customer data sent to their Russian servers are encrypted, and they do not decrypt it for the Russian government. But it would be impossible for them to prove it. Perhaps they will address this concern in the next phase of their Global Transparency Initiative.

Don’t forget to read our interview with Eugene Kaspersky on his alleged ties with Russian President Vladimir Putin and the Kremlin.


The Truth On Cyberespionage @ 3rd Kaspersky APAC Conference

October 13, 2017 – Kaspersky Lab unriddles today the mysterious threat of cyberespionage against countries, critical infrastructure, and companies in the region as part of its 3rd Asia Pacific (APAC) Cyber Security Weekend in Phuket, Thailand.

The company’s annual cybersecurity conference in the region will bring together its top security experts along with industry professionals and journalists from 11 countries across APAC. The four-day event will highlight presentations from its top security researchers to reveal the truths and bust myths about cyberespionage, an alarming threat which has crossed the worlds of fiction and reality.

“Cyber espionage is a dangerous and costly threat targeting nations and corporations around the world, including nations right here in the Asia Pacific region. Kaspersky Lab today aims to sound the alarm louder about this imminent danger so we can step up our efforts to strengthen our infrastructure and protect the public,” says Stephan Neumeier, Managing Director at Kaspersky Lab APAC.

Don’t forget to check out our earlier article – The Kaspersky Palaeontology of Cybersecurity Conference!

 

Kaspersky Cybersecurity Experts On Cyberespionage

Four cybersecurity experts from Kaspersky Lab’s Global Research & Analysis Team (GReAT) topbill this year’s APAC Cyber Security Weekend and will zero in on the state of targeted attacks in APAC countries from past to present and how governments, businesses, and concerned industrial sectors can beef up their cyber defenses.

Vitaly Kamluk, Kaspersky Lab’s Director of GReAT in APAC, will open up the discussion by looking back at major cyber attacks that have hit public and private organizations over the past years in countries around the region.

“Cyberespionage, a subset of intelligence activities in cyberspace, is covert by nature. The new generation of spies are not doing physical James Bond-style operations anymore — they are regular software developers and system operators. Their achievements remain in the darkness until researchers like Kaspersky GReAT discover and document their activities. The attackers are not writing the history of cyberattacks, but researchers do. And it doesn’t come as easy as making documentaries or writing memoirs. The work of researchers requires high concentration and solving of multiple difficult logical problems on the way, which is why these stories are so valuable,” explains Kamluk.

Kaspersky Lab’s 2016 report titled “Measuring the Financial Impact of IT Security on Businesses” has found that targeted attacks, including cyberespionage, are among the most expensive types of attack. The study further shows these threats can cost up to $143,000 in losses for small businesses and $1.7 million for enterprises.

The global cybersecurity company’s cyberespionage report also reiterates that businesses in all sectors and of all sizes are vulnerable to a targeted attack. A Fortune 500 company is as much at risk as a two-man startup, as both entities hold business data.

Aside from monetary loss, businesses and even government agencies lose confidential data and the trust from their stakeholders and customers in the wake of a successful cyberespionage campaign.

Seongsu Park, GReAT’s Senior Security Researcher based in South Korea, will specifically talk about the role of a company’s infrastructure in a successful targeted attack.

Park is among the Kaspersky Lab researchers who have been closely monitoring the activity of the high-profile cyberespionage group, Lazarus, a cybercriminal gang believed to be behind the $81-million Bangladesh Bank heist last year. He said thorough analysis of this group proved that many servers of big corporations are being used by the cybergang as launchers of their attacks against these same enterprises.

To answer the who’s and how’s of a cyberespionage campaign, Noushin Shabab, Senior Security Researcher at Kaspersky Lab’s GReAT based in Australia, will discuss the forensic techniques and critical analysis being carried out by researchers for years to be able to understand an attack and to unmask its perpetrators.

“Like paleontologists collecting the tiniest bones to be able to unearth a full artefact, cybersecurity researchers examine the leftovers of a malicious campaign, chase the trail of clues until we have gathered all the necessary pieces of the puzzle, and collate and compare evidence with fellow experts to be able to know the attackers behind an attack, their main goal, their techniques, and the length of their attacks. All the historic information we have gathered through investigating targeted attacks all these years helped us discover the truths and the myths of cyberespionage in the Asia Pacific region,” says Shabab.

Yury Namestnikov, Senior Malware Analyst at Kaspersky Lab’s GReAT, will explain the trend of cyberespionage groups focusing on attacking financial organizations in the region using the now infamous ransomware to gain monetary rewards. He will also reveal the techniques used by these groups to mask destructive wiper attacks as ordinary cybercriminal activity.

Aside from elite cybersecurity experts from Kaspersky Lab, the global cybersecurity company’s “Data Guardian” named Midori Kuma will also grace the conference. Midori Kuma, who will be in Asia Pacific for the first time, is Kaspersky Lab’s original character tasked to remind internet users on how to keep their data safe from cybercriminals.

Guest speaker Kyoung-Ju Kwak, Security Researcher at the Computer Emergency Analysis Team of Korea’s Financial Security Institute, will talk about Andariel, a threat actor connected to the Lazarus group and responsible for card leakage and illegal ATM withdrawals in South Korea.


The Next Gen Kaspersky Private Security Network Is Here!

Kaspersky Lab is introducing its next generation of Kaspersky Private Security Network, a private version of Kaspersky Security Network that allows enterprises to boost their detection speed with access to real-time global threat intelligence from 80 million sensors, without sharing any data outside their corporate network.

The renewed Kaspersky Private Security Network offers additional customization options to meet the demands of enterprise customers. The solution enables businesses to enhance their security intelligence by adding to Kaspersky Private Security Network customized lists of URLs and file reputations – with in-house sources and independent providers.

 

The Next Generation Kaspersky Private Security Network

With 57% of businesses acknowledging that their IT security will be compromised at some point, the need for real-time security intelligence is growing rapidly. Cloud-based threat intelligence helps to quickly and more accurately analyze suspicious files (by hashsum or certificate) or URLs, safeguarding businesses from losing a wealth of sensitive data, or having their entire IT infrastructure compromised.

Specifically, Kaspersky Security Network (KSN), Kaspersky Lab’s distributed cloud infrastructure, provides businesses with verdicts on new malware specimens in a matter of minutes, based on the data from 80 million sensors all over the world. However, for some businesses, the use of cloud solutions can be limited by regulations and specific network security requirements.

Kaspersky Private Security Network solves this problem through a private cloud which contains an internal copy of KSN, incorporating all of its advantages within the corporate IT infrastructure. Up-to-date threat information arrives from KSN by one-way synchronization, meaning that no data is sent from the corporate network to the cloud.

 

Develop next generation customized security intelligence

Scalability and flexibility are critical requirements for modern enterprise IT security strategies. Being scalable for networks of up to 500,000 nodes, the new generation of Kaspersky Private Security Network prioritizes the customization of threat intelligence.

New functionality allows companies to add customer-defined data to their Kaspersky Private Security Network, including file reputation by hashsum (SHA256 or MD5) and URL reputation. It also makes it possible to whitelist customers’ files to eliminate false positive detections.

Special interfaces for external threat intelligence feeds allow cybersecurity teams to upload information about file and URL reputation directly to Kaspersky Private Security Network without any intermediate steps.

These features equip IT security departments and SOC teams with powerful automation tools and allow them to speed up threat analysis and incident response times.


Bolster your defenses with enhanced management capabilities

The latest generation of Kaspersky Private Security Network has also been specifically enhanced from a management and usability standpoint.

The data diode (unidirectional gateway) protocol for the newly supported CentOS operating system allows companies operating with no Internet access to collect real-time threat intelligence through the KPSN gateway without a single byte of data leaving the corporate network perimeter.

The solution also features a new web interface which makes threat intelligence management better structured and more intuitive.


Kaspersky Lab Launches The Goondus Awards!

Petaling Jaya, 18 August 2017 – Kaspersky Lab just launched a campaign in Asia Pacific to educate the public and spread awareness on Internet safety. Known as the Goondus Awards, the campaign is inviting submissions from the public on Internet mistakes and faux pas that have led to reputational, financial or property damage or loss for individuals.

 

The Goondus Awards

The Goondus Awards website, which features the submissions anonymously, highlights real-life incidents where a naïve or ill-informed Internet practice led to some form of misfortune.

“We want to educate people about safer Internet behaviours and to showcase real world examples of missteps leading to some form of loss or damage. While some stories may be humorous and even incredulous, the repercussions and damage were real and in some cases severe,” explained Sylvia Ng, General Manager, South East Asia. “As our entries are entirely anonymous, we’re encouraging a community led campaign to drive home the message that only safe practices will make the Internet safer for users.”

The Goondus Awards showcases a wide array of stories ranging from humorous occurrences to unintelligent acts and sad episodes involving monetary or reputational loss. The campaign acts as an initiative to raise cyber security awareness in an engaging form through the sharing of personal stories. It also serves to help web visitors foster positive and pleasant online experiences.

With the ease of access to the Internet, users have developed a sense of complacency or even a mild form of naivety in their daily digital lives, potentially lending themselves to becoming victims of cybercrime.

The Goondus Awards aim to remind users that they are not completely safe from cybercriminals and that they need to be vigilant, practice and maintain Internet etiquette to protect themselves.

Malaysians, including millennials and Gen Y professionals, have also been burnt by the infamous love scams. According to a report by the Federal Commercial Crime Investigation Department (CCID) in 2016, a total of 2,497 love scam cases were reported with losses close to RM100 million. It proves that Goondus are fools for love.

The fact that identity theft can happen so close to home and lead to financial loss was very disturbing and shocking to the individuals in this example.

 

Goondus Awards Submission & Contest Details

The criteria for the story entries are that they must be based on actual events leading to tangible or intangible losses concerning Internet use. The winning stories will be selected by a panel of judges where participants stand a chance of winning an iPad Mini or a Tablet and even monthly prizes like a Kaspersky Lab premiums hamper.

The website also includes tips and advice from cyber security experts and elaborations on the different types of scams such as Internet love sex scams, credit for sex scams and phishing scams, to further inform users.

To submit a story, fill in the requested information such as your name, email address and contact number, along with the type of scam, story title and the full story on the website. The “Tips” section of the website features articles from the Kaspersky Lab blog, which are categorised based on the various issues and forms of scams highlighted on the website. This educational content serves to advise users on how to prevent such incidents from occurring.

 

Cybersecurity Incidents In Malaysia


In 2016 alone, CyberSecurity Malaysia received 8,334 reports related to cyber security incidents. Between 2012 and 2016, CyberSecurity Malaysia received reports of a total of 50,789 cyber security incidents. Of that figure, fraud accounted for almost 40 per cent, or 20,141, followed by hacktivism (9,918), spam (9,210) and cyber threats (2,333).

More than 70 per cent of the incidents reported involved financial implications, including phishing, online banking fraud, credit card fraud and online scams among others. Statistics from The Royal Malaysian Police recorded 113 phishing cases resulting in total losses of RM1.91.

Comparing the cybercrime figures for May 2017 with those for May last year, it is evident that the figure has grown; cyber harassment cases in particular have risen by over 50%, according to CyberSecurity Malaysia. The May statistics also show that cases such as fraud, spam and malicious code rose compared to last year.
