Tag Archives: Data Security

CD PROJEKT RED : Source Codes Stolen, May Be Leaked!

CD PROJEKT RED Hack : Source Codes + Docs Stolen!

CD PROJEKT RED just had their source codes and internal documents stolen in a MAJOR HACK, and they may all end up being leaked!

 

CD PROJEKT RED Hack : Source Codes Stolen, Servers Encrypted!

On 9 February 2021, CD PROJEKT RED announced that their data – including source codes and internal documents – were stolen in a hack, and could possibly be leaked.

Their servers were also encrypted in a secondary ransomware attack by the same hackers, but they had backups of the encrypted data.

CD PROJEKT RED publicly ruled out negotiating with the hackers, or giving in to their demands.

This would likely mean that their source codes and internal documents will eventually be released publicly by the hackers.

The only silver lining – CD PROJEKT RED noted that they do not have any evidence that the personal data of their employees were accessed or stolen.

 

CD PROJEKT RED Hack : The Hackers’ Threats

According to the ransom note left on their servers, the hackers stole :

  • FULL source codes for Cyberpunk 2077, Witcher 3, GWENT and the unreleased version of Witcher 3.
  • ALL of their internal documents on accounting, administration, legal, HR, investor relations and more

They also encrypted all of their CD PROJEKT RED’s servers, but acknowledged that they would most likely recover the data from their backups.

The hackers are giving the CD PROJEKT RED team 48 hours to contact them to negotiate.

If there is no agreement, they threaten to sell or leak the source codes, and release their internal documents to the media.

They claim that the internal documents will make CD PROJEKT RED look bad, causing their stock prices to fall and their investors will lose trust in them.

 

CD PROJEKT RED : Official Statement On Hack

This is the official statement by CD PROJEKT RED on the hack :

Yesterday we discovered that we have become a victim of a targeted cyber attack, due to which some of our internal systems have been compromised.

An unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD PROJEKT capital group, and left a ransom note the content of which we release to the public. Although some devices in our network have been encrypted, our backups remain intact. We have already secured our IT infrastructure and begun restoring the data.

We will not give in to the demands nor negotiate with the factor, being aware that this may eventually lead to the release of the compromised data. We are taking necessary steps to mitigate the consequences of such a release, in particular by approaching any parties that may be affected due to the breach.

We are still investigating the incident, however at this t time we can confirm that – to the best of our knowledge – the compromised systems did not contain any personal data of our players or users of our services.

We have already approached the relevant authorities, including law enforcement and the President of the Personal Data Protection Office, as well as IT forensic specialists, and we will closely cooperate with them in order to fully investigate the incident.

 

Recommended Reading

Go Back To > Cybersecurity | Games | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Ministry of Education Website Uses Plain Text CAPTCHA!

It is unbelievable, but the Malaysia Ministry of Education’s website uses plain text CAPTCHA that can be copied and pasted!

Take a look at this incredulous security lapse, and find out why it could put your data at risk!

 

Ministry of Education Website Uses Plain Text CAPTCHA!

The recent threat by Anonymous Malaysia to attack government websites over their lack of security appears to be well-justified.

Qusyaire Ezwan spotted an incredulous security lapse in the official Malaysia Ministry of Education website – plain text CAPTCHA!

On top of that, the code can actually be copied and pasted!

 

Ministry of Education Plain Text CAPTCHA : A Serious Cybersecurity Risk!

The CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) test is something most of us are familiar with.

It is a test that helps to identify real humans, and weed out bots, before they are allowed to access a service. This prevents bot fraud and hacking attempts.

In the Ministry of Education website, the plain text CAPTCHA was used to “secure” the retrieval of forgotten passwords for their Student Management Module.

A real CAPTCHA uses distorted images to prevent a bot from “reading” the numbers or letters, thereby ensuring that only a real human being would be able to key in the correct code.

As this screenshot shows, the CAPTCHA used in the Ministry of Education website just uses random sequences of letters and numbers in PLAIN TEXT!

This means a bot can easily copy and paste the plain text code, and bypass the CAPTCHA test.

Frankly, this doesn’t even qualify as a CAPTCHA test, because it cannot differentiate between humans and bots.

Now, the password is still sent to the registered email accounts, not to the hackers or bots. So your data is not in immediate danger.

However, this is still a SERIOUS cybersecurity risk, because a hacker can pair this design flaw with compromised email accounts.

It would allow their bots to easily and quickly make password retrieval requests for compromised email accounts, and then retrieve your Ministry of Education password.

Having access to the Student Management Module would give hackers access to a ton of information on children and their parents :

  • child : name, date of birth, telephone number, home address
  • school : location, class name, teacher’s name,
  • parent : name, occupation, workplace address, contact number, declared salary

On top of that, many people reuse their passwords, so hackers will use the password retrieved from the Ministry of Education website on other websites and online services you may use.

If you use the same password for your banking account, for example, that would expose your banking account to the hacker.

That is why CAPTCHA is important. It doesn’t prevent hacking attempts, but it greatly slows it down by blocking bots from making mass requests.

The use of plain text CAPTCHA in an official government website is a fiasco. A basic cybersecurity checklist would have prevented software vendors from using plain text CAPTCHA in government websites.

The Malaysian government needs to take the security of official websites seriously. This is a disgrace.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Why You Should NOT Move WhatsApp Chats To Telegram!

Telegram just highlighted the ability to migrate WhatsApp chats to their app, but you really should NOT do that.

Find out why this is a BIG security and privacy risk than just leaving your chats in WhatsApp!

 

Telegram : Moving Chat History From WhatsApp, Line + KakaoTalk

In a recent version 7.4 update for their iOS app, Telegram announced a new feature – the ability to move your chat messages from other apps like WhatsApp, Line and Kakaotalk to their app.

Curiously, that ability has actually been part of WhatsApp since 2018, when they introduced the ability to export chats to email and other apps.

And while this feature is purportedly available only with the iOS version of Telegram Messenger, you can already do that with existing versions of WhatsApp and Telegram.

 

Why You Should NOT Move WhatsApp Chats To Telegram!

You should note that the privacy risks with WhatsApp have been grossly exaggerated by the media and many Internet “experts”.

For one thing – WhatsApp users have been sharing metadata with Facebook since September 2016, a fact initially lost on many media outlets and “experts”.

But we understand the fear – Facebook is a real snoop. Even so, it would be a mistake to migrate from WhatsApp to Telegram.

Let us share with you why you should NOT migrate from WhatsApp to Telegram, and why it is a BIG mistake to migrate your WhatsApp data to Telegram.

Fact #1 : Telegram Is LESS Secure Than WhatsApp

WhatsApp fully implemented end-to-end encryption across all of their apps and network since 5 April 2016.

End-to-end encryption prevents WhatsApp or Facebook from reading your messages. Only the sender and receiver(s) can read them.

WhatsApp shares a considerable amount of data and metadata that Facebook can use to identify and track your movements and activities. But not the content of your messages.

Telegram, on the other hand, has STILL NOT implemented end-to-end encryption for all messages by default.

Instead, they still insist on offering end-to-end encryption only when you create a Secret Chat.

This leaves the bulk of your messages completely readable by Telegram and anyone who intercepts those messages as they travel from your device through the Internet to the recipient.

The very presence of Secret Chats between certain people is itself metadata that can help oppressive regimes identify their enemies or whistleblowers.

Fact #2 : Your Data Is Stored In Telegram Cloud Servers

All WhatsApp data is stored only in your registered device. WhatsApp also does not retain messages in their servers after they are delivered, and will only store files (like photos and videos) and undelivered messages for 30 days.

It’s the opposite with Telegram – all of your data – messages, photos, videos, documents – is stored in their cloud servers. Even though they are encrypted in storage, Telegram holds the encryption keys, NOT YOU.

This ability has its advantages like convenient access across multiple devices, but it also makes Telegram less secure.

Telegram has access to your encrypted files, including the ability to decrypt them for authorities that legally compels them to do so.

Fact #3 : Moving Your Messages + Media To Telegram Exposes Them

While your chats and media remain within your WhatsApp app, they are encrypted and not available to anyone but yourself (and the recipients).

Migrating your chat messages and media to Telegram would involve sending them unencrypted to Telegram’s servers.

This exposes your hitherto secure chats and media to a man-in-the-middle attack – allowing a third party to snoop or grab a copy of the data as it travels unencrypted to the Telegram servers.

Fact #4 : Facebook Already Has Your Metadata

As we pointed out earlier, WhatsApp has been sharing our metadata with Facebook since September 2016.

So moving your existing chats out of WhatsApp won’t limit or reduce your exposure. That horse has long bolted from the stable.

Moving your chat history and files to Telegram will just offer a new attack surface for cybercriminals and oppressive regimes.

Fact #5 : Facebook Will Still Have Your Data If You Still Use Facebook!

Here is the other thing that people don’t realise – migrating from WhatsApp to another messaging app is pointless if you do not also stop using Facebook.

As long as you still use Facebook, they will still have access to a consideration amount of metadata. Losing your WhatsApp metadata just gives them less metadata.

After all, Facebook can track your movements and activity even if you are NOT on Facebook! This is what they call Off-Facebook Activity.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Is WhatsApp Forcing Us To Share Data With Facebook In February 2021?

Many websites are claiming that WhatsApp is forcing us to share our data with Facebook in February 2021.

Find out what’s going on, and what the FACTS really are!

 

WhatsApp Sharing Data With Facebook : What’s Going On?

We wrote about this earlier, but it looks like many websites (including very influential ones) are still peddling the claim that WhatsApp is going to force us to share data with Facebook in February 2021.

It all started with this pop-up alert that started appearing on WhatsApp a few days ago, alerting us to a change in its terms and privacy policy.

You must accept this new privacy policy to continue using WhatsApp from 8 February 2021 onwards. Otherwise, the alert subtly suggests, you should “delete your account”.

Since then, numerous articles have been written about how this new privacy policy is forcing us to share our WhatsApp data with Facebook.

This has led to many people switching to alternatives like Telegram and Signal, in fear that the new privacy policy would allow Facebook to access and read all of their WhatsApp messages.

 

No, WhatsApp Is Not Forcing You To Share Data With Facebook

As we shared earlier, NO, the new WhatsApp privacy policy does not force you to share data with Facebook, because…

Fact #1 : It Has Been A Requirement Since September 2016!

It is perplexing why so many websites claim that this new privacy policy forces us to let WhatsApp share data with Facebook. After all, this has been a requirement since September 2016!

Back in August 2016, WhatsApp announced that they would start sharing data with Facebook. At that time, they gave existing users 30 days to opt-out.

This was a one-time offer that has never been repeated. Since then, every new and current user MUST agree to let WhatsApp share data with Facebook.

Fact #2 : WhatsApp Will Still Honour The Opt-Out

If you are a WhatsApp veteran who opted out of data sharing in August 2016, WhatsApp will still honour that opt-out.

You can safely agree to the new privacy policy – your data opt-out will remain active.

Fact #3 : WhatsApp Will Share MORE Information With Facebook

The new WhatsApp privacy policy is mainly focused on enabling Businesses on WhatsApp.

So while they DO NOT need your permission to continue sharing data with Facebook, they still need your permission to SHARE MORE data with Facebook.

This is the list of additional data that we must agree to let WhatsApp share with Facebook :

  • Status Information. You may provide us your status if you choose to include one on your account. Learn how to use status on Android, iPhone, or KaiOS.
  • Transactions And Payments Data. If you use our payments services, or use our Services meant for purchases or other financial transactions, we process additional information about you, including payment account and transaction information. Payment account and transaction information includes information needed to complete the transaction (for example, information about your payment method, shipping details and transaction amount). If you use our payments services available in your country or territory, our privacy practices are described in the applicable payments privacy policy.
  • Location Information. We collect and use precise location information from your device with your permission when you choose to use location-related features, like when you decide to share your location with your contacts or view locations nearby or locations others have shared with you. There are certain settings relating to location-related information which you can find in your device settings or the in-app settings, such as location sharing. Even if you do not use our location-related features, we use IP addresses and other information like phone number area codes to estimate your general location (e.g., city and country). We also use your location information for diagnostics and troubleshooting purposes.
  • User Reports. Just as you can report other users, other users or third parties may also choose to report to us your interactions and your messages with them or others on our Services; for example, to report possible violations of our Terms or policies. When a report is made, we collect information on both the reporting user and reported user.
  • Businesses On WhatsApp. Businesses you interact with using our Services may provide us with information about their interactions with you. We require each of these businesses to act in accordance with applicable law when providing any information to us.When you message with a business on WhatsApp, keep in mind that the content you share may be visible to several people in that business. In addition, some businesses might be working with third-party service providers (which may include Facebook) to help manage their communications with their customers. For example, a business may give such third-party service provider access to its communications to send, store, read, manage, or otherwise process them for the business. To understand how a business processes your information, including how it might share your information with third parties or Facebook, you should review that business’ privacy policy or contact the business directly.

Fact #4 : WhatsApp + Facebook Cannot Read Your Messages

WhatsApp finished implementing end-to-end encryption on 5 April 2016, about 4.5 months before instituting the requirement to share data with Facebook.

Since then, WhatsApp nor Facebook can no longer read your messages, as they are encrypted. Only the sender and receiver(s) can read them.

WhatsApp shares a considerable amount of data and metadata that Facebook can use to identify and track your movements and activities. But not the content of your messages.

Fact #5 : Telegram Is Less Secure!

For those who are fleeing to Telegram, you should note that Telegram does not encrypt messages (only Secret Chats).

In fact, all of your data – messages, photos, videos, documents – are stored in Telegram servers. Even though they are encrypted in storage, Telegram holds the encryption keys, NOT YOU.

In contrast, WhatsApp data is only stored in your devices. WhatsApp also does not retain messages in their servers after they are delivered, and will only store files (like photos and videos) and undelivered messages for 30 days.

WhatsApp will, however, store the time and date of the messages you send and receive.

Fact #6 : Signal Is The Most Secure Alternative

Those who want a more private and secure messenger should opt for Signal, instead of Telegram.

It offers end-to-end encryption using the open-source Signal protocol, the same protocol which WhatsApp uses in its own proprietary format.

On top of that, it offers a Sealed Sender feature which prevents everyone – including Signal – from knowing the sender and recipient of a message.

But best of all, Signal does not share your data with any third-party company. In fact, the only metadata it collects is your phone number, and even that is not linked to your identity.

That said, Signal lacks features found in WhatsApp and Telegram, so we cannot call it the best alternative, only the most secure alternative.

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Fact Check : Fat Bidin Claims On MySejahtera Snooping!

Wan Azlee, who goes by Fat Bidin, claims that MySejahtera is mining private information from our phones.

Find out what he discovered, and what the FACTS really are!

Updated @ 2020-12-03 : Added MySejahtera version history for more context.

Updated @ 2020-12-01 : Added more information, including how to disable permissions in Android and iOS for the paranoid.

Originally posted @ 2020-11-30

 

Fat Bidin : MySejahtera Is Mining Information From Our Phones!

In Episode 41 of Fat Bidin Knows Everything, Wan Azlee claimed (between mouthfuls of oats) that MySejahtera is mining a wealth of private information from our phones.

His evidence? A report by the Exodus Privacy website, stating that MySejahtera has 6 trackers and 24 permissions.

He went through the 24 permissions and made these concerning observations about MySejahtera :

  • it can take control of your phone and pair it with your Bluetooth devices
  • directly call phone numbers
  • find accounts on your phone
  • read your contacts in your phone
  • read the contents of your SD card
  • modify or delete the contents of your SD card
  • prevent your phone from sleeping
  • modify your contacts

Phwoarrrr…. shocking, isn’t it? Wan Azlee / Fat Bidin then asks the Malaysia Ministry of Health to be transparent and tell us what’s going on.

Well, let’s take a closer look at his claims…

 

Fat Bidin On MySejahtera Is Mining Our Information : A Fact Check

Wan Azlee is very articulate, but Fat Bidin honestly doesn’t quite know everything… and here’s why.

Fact #1 : That MySejahtera Version Was From April 2020

Fat Bidin posted his video on 24 November 2020, and we noticed that he was checking an old version of MySejahtera – version 1.0.10, that was posted way back in April 2020.

For the record, there has been FOURTEEN UPDATES since that version :

  • 1.0.11 : 23 April 2020
  • 1.0.12 : 28 April 2020
  • 1.0.13 : 3 May 2020
  • 1.0.15 : 4 May 2020
  • 1.0.16 : 13 May 2020
  • 1.0.17 : 23 May 2020
  • 1.0.18 : 30 May 2020
  • 1.0.19 : 3 June 2020
  • 1.0.20 : 28 June 2020
  • 1.0.21 : 30 June 2020
  • 1.0.22 : 21 July 2020
  • 1.0.23 : 29 July 2020
  • 1.0.24 : 11 August 2020
  • 1.0.25 : 5 November 2020

The latest version of MySejahtera – version 1.0.25 –  was released on 5 November 2020 – 19 days before Wan Azlee posted his video.

Why on Earth would he focus on a 6 month-old version of the app, when there is a much newer version?

Fact #2 : Exodus Posted Their Latest MySejahtera Report On 20 November 2020

Exodus posted their latest report on the latest version of MySejahtera (version 1.0.25) on 20 November 2020 at 10:47 am (as you can see in this screenshot).

That was 4 days before Wan Azlee posted his video, so why didn’t he use this new report instead?

Fact #3 : MySejahtera Has 1 Tracker + 14 Permissions According To Exodus

According to the November 20 Exodus report, MySejahtera has 1 tracker – Google Firebase Analytics, and 14 permissions, of which the highlighted ones were :

  • ACCESS_COARSE_LOCATION : access approximate location (network-based)
  • ACCESS_FINE_LOCATION : access precise location (GPS and network-based)
  • CALL_PHONE : directly call phone numbers
  • CAMERA : take pictures and videos
  • READ_EXTERNAL_STORAGE : read the contents of your SD card
  • WRITE_EXTERNAL_STORAGE : modify or delete the contents of your SD card

We immediately noticed that several controversial permissions are no longer in it :

  • GET_ACCOUNTS : find accounts on the device
  • READ_CONTACTS : read your contacts
  • WRITE_CONTACTS : modify your contacts

So if you are worried that MySejahtera is reading your contacts or modifying them, just UPDATE it to the latest version 1.0.25!

Fact #4 : Actual Permissions Are Fewer

When we checked MySejahtera 1.0.25 as installed in our phone, we found that it actually asked for and used only 11 permissions, instead of 14 as reported by Exodus.

The report also offered a bit more context about those permissions. For instance, location data is only made available when you are actively using the app.

That’s because the location data is used by MySejahtera for its Hotspot Tracker and Locate Health Screening Facility features.

In your phone, you can tap on them for more information on what they allow the app to do.

Fact #5 : Apps Need To Read, Modify + Delete Their Own Data

The permission to read, modify and delete content on our phone may seem ridiculous, but it is a necessity for most apps.

Unless the apps is merely a container for a website or web service, it needs to store data, and modify or delete it when necessary.

Fact #6 : Access To External / SD Card Is Necessary

Most developers will also ask for the permission to read, modify and delete content to the (micro) SD card, because of Adoptable Storage.

Adoptable Storage is a feature that lets smartphones use external storage (like a microSD card) as if it is part of their internal storage.

When a microSD card is used this way, apps like MySejahtera can be installed on it. Therefore, it would require permission to read, modify and delete its own data on the external storage card.

Fact #7 : Android Restricts Data Snooping

Apps that have access to read / modify / write external storage are allowed to access files from other apps. However, this is limited to only these three media collections :

  • MediaStore.Images
  • MediaStore.Video
  • MediaStore.Audio

MySejahtera, or any other app with similar permissions, cannot read / modify / delete data outside of those three media storage locations.

Fact #8 : MySejahtera Has A Privacy Policy

Like all other Android and iOS apps, MySejahtera has a privacy policy, where it is stated clearly that

MySejahtera is owned and operated by the Government of Malaysia. It is administrated by the Ministry of Health (MOH) and assisted by the National Security Council (NSC) and the Malaysian Administrative Modernisation and Management Planning Unit (MAMPU). The Government assures that the collection of your personal information is align with Personal Data Protection Act 2010 (Act 709).

The app will not record user’s Personal Data except with the permission and voluntarily provided by the user. Information collected are used for monitoring and enforcement purposes by Government authorities in dealing with the COVID-19 pandemic. This information is not shared with other organizations for other purposes unless specifically stated.

Fact #9 : You Are Protected By PDPA 2010 (Act 709)

We are all protected by the Personal Data Protection Act 2010 (Act 709).

Anyone who is caught sharing our personal data without permission is be liable to a fine not exceeding three hundred thousand ringgit or to imprisonment for a term not exceeding two years or to both.

Fact #10 : You Can Disable Permissions

You can view and disable any permission that worries you :

Android

  1. Go to Settings > Apps >  MySejahtera > Permissions.
  2. Tap on the permission you don’t want, and select Deny.

Apple iOS

  1. Go to Settings > MySejahtera.
  2. Disable the permissions you don’t want.

But note that doing this will likely break some features in MySejahtera.

Fact #11 : Many Other Apps Are Worse For Your Privacy

When it comes to privacy, we have bigger fishes to fry. Take a look at how many trackers and permissions these four popular apps require.

They make MySejahtera look absolutely privacy-conscious!

 

Recommended Reading

Go Back To > Cybersecurity | SoftwareHome

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Dell EMC PowerProtect Cyber Recovery for Sheltered Harbor!

Dell EMC PowerProtect Cyber Recovery just received a Sheltered Harbor endorsement!

Find out what this means for financial services organisations looking for a Sheltered Harbor-certified turnkey data vault!

 

Dell EMC PowerProtect Cyber Recovery : Endorsed by Sheltered Harbor!

On 10 November 2020, Dell EMC PowerProtect Cyber Recovery was officially endorsed by Sheltered Harbor – the non-profit initiative to improve the stability and resiliency of the financial sector.

This is the culmination of two years of work between Dell and Sheltered Harbor teams, to develop a solution designed for financial services organisations.

If your organisation is a Sheltered Harbor participant, or eligible to be one, you can now purchase and quickly deploy the Dell EMC PowerProtect Cyber Recovery – a turnkey data vault that meets all of the stringent Sheltered Harbor criteria.

The Dell EMC PowerProtect Cyber Recovery Solution for Sheltered Harbour helps participants achieve compliance with data vaulting standards and certification, and plan for operational resilience and recovery against any cyber attack.

If your organisation is not part of the Sheltered Harbor community, you can still deploy PowerProtect Cyber Recovery to protect your data with the same stringent Sheltered Harbor standards.

 

Dell EMC PowerProtect Cyber Recovery : What Is It?

Dell EMC PowerProtect Cyber Recovery is an on-premise turnkey data vaulting solution that protects customers from all kinds of cyber threats.

Its CyberSense analytics and machine learning capabilities allow customers to monitor data integrity, ensuring the continued quality of their data.

It also comes with forensic tools to let customers discover, diagnose and remediate ongoing attacks.

 

Recommended Reading

Go Back To > Enterprise IT | Cybersecurity | Home

Support Tech ARP!

If you like this review, please support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


PowerProtect Data Manager Nov 2020 Update: What’s New?

Dell Technologies just announced enhancements to PowerProtect Data Manager available globally in November 2020!

Find out what’s new in the latest Dell EMC PowerProtect Data Manager!

 

PowerProtect Data Manager : What Is It?

Dell EMC PowerProtect Data Manager provides software-defined data protection, automated discovery, and deduplication for physical, virtual and cloud environments.

Its software-defined architecture allows for greater operational agility, and faster IT transformation, while delivering next-generation data protection.

 

PowerProtect Data Manager November 2020 Update : What’s New?

In its November 2020 update, PowerProtect Data Manager offers these new enhancements :

  • In-cloud workloads in Microsoft Azure and AWS are now protected
  • VMware Tanzu portfolio is now supported
  • Native vCenter Storage Policy-Based Management integrated for VM protection
  • VMware-certified solution to protect VMware Cloud Foundation infrastructure layer.
  • Protection for containerised apps with open source databases, including PostgreSQL and Apache Cassandra, in Kubernetes environments.
  • Customers can now protect Amazon Elastic Kubernetes Service (EKS) and Azure Kubernetes Service (AKS) to back-up Kubernetes cluster-level resources.

 

PowerProtect Data Manager November 2020 Update : Availability

The November 2020 enhancements are available globally with immediate effect.

 

Recommended Reading

Go Back To > Enterprise IT  | Software  | Cybersecurity | Home

Support Tech ARP!

If you like this review, please support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


2020 Dell EMC PowerProtect DP Series IDPA : What’s New?

Dell Technologies just announced the 2020 Dell EMC PowerProtect DP Series appliances!

Here is what you need to know about the next-generation integrated data protection appliances!

 

2020 Dell EMC PowerProtect DP Series : What Is It?

The 2020 PowerProtect DP series is the next-generation family of integrated data protection appliances (IDPA) from Dell Technologies.

They offer a complete solution for backup, recovery, replication, deduplication, cloud readiness with disaster recovery, and long-term rotation to the public cloud!

The 2020 Dell EMC DataProtect DP series are all-in-one data protection solutions that offer :

  • Storage capacities from 8 terabytes to 1 petabyte
  • Greater efficiency, with up to 65:1 data reduction
  • Up to 38% faster backups, and up to 45% faster restores, compared to previous generation.
  • Instant access and restore of up to 50% greater IOPS, compared to previous generation.
  • Consumes up to 23% less power than the previous generation
  • Cloud long-term retention, and cloud DR-ready
  • VMware integration

The 2020 Dell EMC DataProtect DP series is also guaranteed under the Future-Proof Program, and is part of the Dell Technologies on Demand program.

 

2020 Dell EMC PowerProtect DP Series : Models + Key Specifications

The 2020 Dell EMC PowerProtect DP series consists of four models – DP4400, DP5900, DP8400 and DP8900. Here are their key specifications.

Specifications DP4400 DP5900 DP8400 DP8900
Physical Capacity 8 TB to 96 TB 96 TB to 288 TB 192 TB to 768 TB 576 TB to 1 PB
Physical Capacity
with Cloud Tier
Up to 288 TB Up to 864 TB Up to 2.3 PB Up to 3 PB
Logical Capacity Up to 4.8 PB Up to 18.7 PB Up to 49.9 PB Up to 65 PB
Logical Capacity
with Cloud Tier
Up to 14.4 PB Up to 56.1 PB Up to 149.7 PB Up to 195 PB
Max Throughput Up to 9 TB/hr Up to 33 TB/hr Up to 57 TB/hr Up to 94 TB/hr
Drive Type SAS 12 TB SAS 4 TB SAS 8 TB SAS 8 TB
Networking 8 x RJ45, or
8 x SFP
4 x 40 GbE uplinks
Each Quad SFP port can be split into 4 x 10 GbE
Max. Power 475 VA 2,830 VA 5,480 VA 7,250 VA
Thermal Rating 1,620 BTU/hr 9,300 BTU/hr 17,800 BTU/hr 23,400 BTU/hr

 

2020 Dell EMC PowerProtect DP Series : Availability

The 2020 Dell EMC PowerProtect series appliances – DP4400, DP5900, DP8400 and DP8900 – will be available globally in December 2020.

 

Recommended Reading

Go Back To > Enterprise IT  | Cybersecurity | Home

Support Tech ARP!

If you like this review, please support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Lazada RedMart Data Breach : What You Need To Know!

Lazada just admitted that a data breach involving their RedMart customer database that could affect some 1.1 million customers!

Find out what happened, and what it could mean for Lazada and RedMart customers!

 

Lazada RedMart : What Is It?

RedMart is an online grocery platform in Singapore that was founded in August 2011.

Lazada acquired RedMart in November 2016, and started to integrate it into their platform in March 2019.

This March 2019 date is important, because that was when the RedMart database was last updated.

 

Lazada RedMart Data Breach : What Happened?

The Lazada RedMart database was spotted for same in an online forum, amongst many other databases stolen from other e-commerce websites.

In this screenshot, you can see that it claims to have details on 1.1 million Lazada RedMart customers :

  • Email address
  • Password
  • Mailing address
  • Name
  • Phone number
  • Partial credit card information

Picture Credit : CNA

In a statement posted on 30 October 2020, Lazada confirmed the data breach involving their RedMart database.

They assert that only the old RedMart database that was “18 months out of date” when it was last updated in March 2019.

Singapore, 30 October 2020 – Lazada places great importance on protecting your personal information, and we value the trust you have placed with us. On 29 October 2020, as part of our proactive monitoring, our cybersecurity team discovered a data security incident in Singapore, involving a RedMart-only database hosted on a third-party service provider. The customer data hosted on this database is more than 18 months out of date as it was last updated in March 2019.

The customer information that was illegally accessed include the names, phone numbers, emails, addresses, encrypted passwords and partial credit card numbers of RedMart customers. We have taken immediate action to block unauthorised access to the database. This data was used on the previous RedMart app and website, which are no longer in use. Lazada customer data in Southeast Asia is not affected by this incident.

Protecting the data and privacy of our users is of utmost importance to us. Apart from reviewing and fortifying our security infrastructure, we are working very closely with the relevant authorities on this incident and remain committed to providing all necessary support to our users.

We want to be transparent about this incident with all of our customers and reassure you that we are taking it seriously.

They also set their platform to log out all Lazada users, and require them to register a new password.

They are also warning their users to be on the alert for spam mails requesting personal information.

 

Lazada RedMart Data Breach : What’s The Implication?

A Data Breach Is A Data Breach Is A Data Breach

Lazada may claim that the data and privacy of their users are of the utmost importance, but the data breach says otherwise.

They left a database they no longer used since March 2019 on a third-party service provider, and accessible online all this time.

Any half-decent cybersecurity specialist would have told them to take the database offline, unless it was essential to the operation of the website.

Closing The Barn Door After The Horses Have Bolted

Lazada immediately blocked unauthorised access to their RedMart database, but that’s like closing the barn door after the horses have bolted.

Once the data was stolen, all it does is prevent other attackers from stealing the data for themselves.

Lazada Migrated RedMart Users In March 2016

It seems a little disingenuous for Lazada to announce that the data was used in “the previous RedMart app and website, which are no longer in use“.

They appear to have migrated RedMart users to Lazada on 15 March 2016 using the same data that was just stolen.

Unless RedMart users changed their passwords, addresses, phone numbers, email addresses or credit card details AFTER they were migrated to the Lazada platform, they remain exposed by the data breach.

The Data Isn’t Necessarily Outdated

Most of us don’t change our logins and passwords that often. And we often reuse the same login and password combination for different websites.

So it is scant assurance that their RedMart database was last updated in March 2019, even if we take their word that it was more than 18 months out of date.

This data breach exposes all affected RedMart users to the possibility of their other accounts being breached as well.

Only Ex-RedMart Users Affected

The only saving grace we can see here is that it looks like only former RedMart users are affected by this data breach.

That means Lazada users who never registered or used the RedMart app or website are not affected.

 

Lazada RedMart Data Breach : What Can You Do?

If you ever registered for, or used, RedMart before their migration to the Lazada platform in March 2016, we highly recommend that you :

  • change your Lazada password
  • change the password of accounts that use the same password as your Lazada / RedMart account
  • do NOT click on links in emails warning you about this data breach and asking you to change your password
  • do NOT respond to calls or messages warning you about this data breach
  • do NOT respond to requests for personal information

 

Recommended Reading

Go Back To > Cybersecurity | Business | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

VMware vSphere 7 Now Supports AMD SEV-ES Encryption!

VMware just announced that vSphere 7 Update 1 will add support for AMD SEV-ES encryption!

Find out what this means for enterprise security, and the future of AMD EPYC processors!

 

AMD SEV-ES Encryption : What Is It?

SEV-ES, short for Secure Encrypted Virtualization-Encrypted State, is a hardware-accelerated encryption capability in AMD EPYC processors.

Leveraging both the AMD Secure Processor and the AES-128 encryption engine built into every AMD EPYC processor, SEV-ES encrypts all CPU register contents when a virtual machine stops running.

This prevents the leakage of information from the CPU registers to components like the hypervisor. It can even detect malicious modifications to a CPU register state.

 

VMware vSphere 7 Now Supports AMD SEV-ES Encryption!

VMware vSphere 7 Update 1 adds support for both AMD SEV-ES and AMD EPYC processors.

The AMD Secure Processor in the first-generation EPYC processors can handle up to 15 encryption keys.

That increases to more than 500 encryption keys with the second-generation EPYC processors.

ESXi has many layers of isolation within its virtualised infrastructure, but all of that is implemented in software. They still require a level of trust in the hardware, which is where AMD SEV-ES comes in.

A guest operating system that supports SEV can ask the AMD Secure Processor to issue it an encryption key, for full in-memory, in-hardware encryption.

SEV-ES extends that protection to CPU registers, so that the data inside the CPU itself is encrypted. This protects the data from being read or modified when the virtual machine stops running.

Even a compromised hypervisor that accesses the register data cannot make use of it, because it is now encrypted.

Needless to say, adding support for AMD SEV-ES in vSphere 7 will spur the uptake of AMD EPYC processors in the datacenter.

 

Recommended Reading

Go Back To > Enterprise IT | CybersecurityHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


How Hackers Attack Healthcare During COVID-19 Pandemic!

Even during the COVID-19 pandemic, hackers have been attacking the healthcare system already buckling under pressure.

Take a look at the first part of a newly-released documentary on how hackers are attacking the healthcare system, and what it means for us and the world!

 

How Hackers Attack Healthcare During COVID-19 Pandemic!

Cybercriminals and state-sponsored hackers do not care that almost a million people have died from COVID-19. In fact, they see the pandemic as an opportunity.

Over the last few months, the creators of this documentary spoke to hospitals, law enforcement agencies, health organisations and research centres across the world, to understand how they are coping with increased cyberattacks and malware.

This particular feature was directed by Didi Mae Hand, and produced by Max Peltz.

 

Hackers Increased Attacks On Healthcare During COVID-19 Pandemic

The documentary reveals a shocking surge in cyberattacks on healthcare systems during the COVID-19 pandemic. The World Health Organisation (WHO), for example, reported a 5X increase in cyberattacks on its systems since March 2020.

State-sponsored hackers are mainly looking for biodata, including research on COVID-19 vaccines. Meanwhile, cybercriminals are capitalising on the fact that hospitals may be more willing than usual to pay a ransom.

For example, the Brno University Hospital, which was responsible for running a big share of COVID-19 testing in the Czech Republic, was held to ransom and forced to shut down its IT network at a critical time.

Fortunately, the surge in cyberattacks was met with an incredible response by the cybersecurity community. Some 3000 cybersecurity volunteers created the CV19 group to provide hospitals and healthcare institutions with free support to protect their systems.

 

Recommended Reading

Go Back To > Cybersecurity | Business | Home

 

Support Tech ARP!

If you like our work, you can help support us by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


WD NAS Can’t Be Seen In Windows? Here Are The Solutions!

You may be wondering why your WD NAS is no longer visible in Windows 10.

Where did it go? How do you get it back?

Find out why your WD NAS cannot no longer be seen in Windows, and what are the solutions!

 

WD NAS Can’t Be Seen In Windows : What Happened?

You may have been using your WD NAS for some time, but one day, its network share – the “drive” that you directly access – can no longer be seen in Windows 10.

The NAS links in Windows File Explorer will only lead you to the login page for the WD NAS management page, not the actual drive where you can directly read, copy, write or edit your files.

All these NAS issues are happening because Microsoft disabled the Network Browse function from Windows 10 v1709 onwards.

The problems started after Windows 10 Fall Creators Update 1709, which :

The Computer Browser service relies on the SMB 1.0 protocol to discover network devices and display them in the Windows Network Neighbourhood.

Disabling SMB 1.0 breaks the Computer Browser service, so it is automatically uninstalled and your NAS drives “disappear” from Network Neighbourhood.

Disabling guest access prevents guest or public access to your NAS drives, even to folders you specifically set to allow for public access. Hence, the Public folder they had access to earlier “disappears”.

 

Why Did Microsoft Disable Those Network Features?

The SMB1 network protocol was first implemented in Windows back in 1992, so it’s old… very old.

It’s so old that it lacks encryption. Everything transmitted via SMB1 can be captured and read, and even modified, by any attacker who gains access to the network.

Guest logins even on SMB2 do not support standard security features like signing and encryption. This makes them vulnerable to man-in-the-middle attacks.

That’s why Microsoft (finally) disabled them both, starting with the Windows 10 Fall Creators Update 1709.

 

WD NAS Can’t Be Seen In Windows : Before We Start…

Preliminary Step #1 : Update Your NAS

Before you do anything, you should log into your WD NAS management system and update its firmware, in case it’s not already set to automatically update.

Updating its firmware will ensure that your NAS supports at least SMB 2, if not SMB 3 as well.

WD NAS Windows URL macOS URL
My Cloud EX2100 http://wdmycloudex2100 http://wdmycloudex2100.local
My Cloud DL2100 http://wdmyclouddl2100 http://wdmyclouddl2100.local
My Cloud EX4100 http://wdmycloudex4100 http://wdmycloudex4100.local
My Cloud DL4100 http://wdmyclouddl4100 http://wdmyclouddl4100.local

Preliminary Step #2 : Use A Higher SMB Protocol

Then, enable the highest SMB protocol your WD NAS supports (Settings > Network). Set it to SMB 3 if possible.

This will ensure that both your WD NAS and your network support the most secure network protocol possible, for your security.

 

WD NAS Can’t Be Seen In Windows : The Solutions!

Best Solution : Map Your WD NAS By Device Name

The best way is to manually map your WD NAS by its device name. This lets you use the more secure SMB2 or SMB3 network protocols, with direct access to your files as usual.

  1. Determine your WD NAS network path, which is based on the device name.If you changed your WD NAS device name to TechARPCloud (for example), the network name will be \\TechARPCloudHere is a list of default network paths for different WD NAS :
WD NAS Default Network Path
My Cloud Home \\MYCLOUD-last 6 digits of serial number
Example : \\MYCLOUD-123456
My Cloud Home Duo
My Cloud \\WDMYCLOUD
My Cloud Mirror \\WDMYCLOUDMIRROR
My Cloud Mirror Gen 2
My Cloud EX2 \\WDMYCLOUDEX2
My Cloud EX2 Ultra \\MYCLOUDEX2ULTRA
My Cloud EX4 \\WDMYCLOUDEX4
My Cloud EX2100 \\WDMYCLOUDEX2100
My Cloud EX4100 \\WDMYCLOUDEX4100
My Cloud DL2100 \\WDMYCLOUDDL2100
My Cloud DL4100 \\WDMYCLOUDDL4100
My Cloud PR2100 \\MYCLOUDPR2100
My Cloud PR4100 \\MYCLOUDPR2100
  1. Open Windows File Explorer and click on Network on the left pane.
  2. Key in the network path of the WD NAS, which is based on its device name. Make sure you include \\ before the network path.

  1. You will be asked to key in a user name and password.
    This can be the administrator’s login, or the login of any registered user of your WD NAS.
    Remember – Windows 10 no longer allows guest logins or public access. So you will need to create a password-protected account even for guests to use.

  1. Once you successfully authenticate your user name and password, the network shares of your WD NAS will become visible in File Explorer under Network!You can stop here, but you will need to keep keying in the network path and login to access your NAS every time you boot into Windows.

  1. For more convenience, you can create a password-protected Private Share.Start by right-clicking on a network share from your WD NAS and select Map network drive…

  1. Select a drive letter for the network share.
    Check Reconnect at sign-in if you don’t want to automatically log into the drive.
    Then click Finish to map the drive.

That’s it! If you expand This PC in Windows File Explorer, you should now see that the WD NAS network drive has now been mapped by its device name!

 

Alternate Solution : Enable Network Discovery Without SMB1

This Windows 10 workaround can be used if your WD NAS supports SMB2 or SMB3 and you prefer not to map the network drives.

  1. Go to Windows Services.
  2. Start these two services :
    Function Discovery Provider Host
    Function Discovery Resource Publication
  3. Set the Startup type for both those services to Automatic (Delayed Start).
  4. Open Windows File Explorer and go to Network.
  5. When prompted, enable Network Discovery.

Your WD NAS shares should now be visible in Windows File Explorer.

 

Worst Case Solution : Enable Network Discovery Without SMB1

This should only be attempted if your WD NAS simply cannot support SMB2 or SMB3, and can only use SMB1.

  1. Go to Control Panel > Programs.
  2. Click on Turn Windows features on or off.
  3. Expand the SMB 1.0/CIFS File Sharing Support option.
  4. Check the SMB 1.0/CIFS Client option.
  5. Click the OK button.
  6. Restart Windows 10

After Windows 10 restarts, your WD NAS shares should now be visible in Windows File Explorer.

 

Recommended Reading

Go Back To > Computer Hardware | Home

Support Tech ARP!

If you like this review, please support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


HUAWEI 5G Aces GSMA NESAS Security Audit : The Impact?

In a bit of good news after months of bad news, HUAWEI announced that their 5G wireless and core network equipment passed the GSMA NESAS cybersecurity audit!

While that is great news for them, what exactly is the impact on the deployment of HUAWEI 5G equipment globally?

 

HUAWEI 5G Passes GSMA Network Security Assurance Audit!

In a bit of good news after months of bad news, HUAWEI announced that their 5G wireless and core network equipment passed the GSMA Network Equipment Security Assurance Scheme (NESAS) audit!

  • 5G RAN gNodeB
  • 5G Core UDG, UDM, UNC, UPCF
  • LTE eNodeB

Here is a summary of the twenty NESAS assessment categories and the compliance levels of the HUAWEI 5G equipment that were tested :

Prior to passing the GSMA NESAS audit, these HUAWEI 5G equipment also passed the 5G cybersecurity test by China’s IMT-2020 (5G) Promotion Group, using test specifications based on 3GPP International standards for 5G security assurance.

 

HUAWEI 5G Faces Political, Not Technical, Pressures

Passing the GSMA NESAS audit will help assuage the cybersecurity concerns of nations planning, or already implementing HUAWEI 5G network equipment.

However, HUAWEI faces political, not technical, pressures with their 5G network equipment.

The 100% compliance score in the NESAS audit will not change minds in the US, and their Five Eyes partners are unlikely to consider HUAWEI 5G equipment.

That said, passing this audit will nevertheless strengthen HUAWEI’s shield against claims that their 5G equipment pose much greater cybersecurity risks than competing platforms.

It will help them win additional contracts in smaller countries whose concerns are far less about cybersecurity and privacy, and more with costs.

 

GSMA Network Security Assurance Scheme (NESAS)

The GSMA Network Equipment Security Assurance Scheme (NESAS) audit is a standardised cybersecurity assessment mechanism, jointly defined by GSMA (GSM Association) and 3GPP, together with regulators, industry partners, major global operators, and vendors.

This is a voluntary program which network equipment vendors can subject their product development and lifecycle processes to a comprehensive and independent security audit.

The GSMA NESAS covers 20 assessment categories, defining security requirements with an assessment framework for 5G product development and product lifecycle processes. It also uses security test cases by 3GPP to assess the security of network equipment.

 

Recommended Reading

Go Back To > Business | Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Phone Hack Fact Check : Argentina Is Doing It?

Warnings about a new phone hack called Argentina Is Doing It are circulating on social media.

Find out what the Argentina Is Doing It phone hack is all about, and if it’s really true!

 

Argentina Is Doing It : A Video Phone Hack?

Messages about this new phone hack, called Argentina Is Doing It, started circulating today on WhatsApp and Twitter :

Just a heads up….They are going to start circulating a video on WhatsApp that shows how the Covid19 curve is flattening in Argentina. The file is called “Argentina is doing it”, do not open it or see it, it hacks your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends.

Now they also said it on CNN

Hackers are going to start circulating a video on WhatsApp that shows how the Covid19 curve is flattening in Argentina. The file is called “Argentina is doing it”, do not open it or see it, it hacks your phone in 10 seconds and it cannot be stopped in any way. Pass the information on to your family and friends.

Now they also said it on CNN

There is a video circulating WhatsApp that shows how the Covid19 curve is flattening in Argentina. The file is called “Argentina is doing it”, do NOT open it or see it, it hacks your phone in 10 seconds and it cannot be stopped in any way. RT!!

 

Argentina Is Doing It Phone Hack : Complete Bullshit

As you may surmise from the HOAX overlay we placed on the screenshots, there is no such phone hack that uses a COVID-19 video called Argentina Is Doing It. Here are the reasons why…

Reason #1 : There Is No Such Video

There is no COVID-19 video called Argentina Is Doing It. It simply does not exist.

Reason #2 : Argentina Is Far From Flattening The Curve

And such a video on Argentina flattening the curve is unlikely to be created for some time to come, because Argentina is FAR from flattening the curve.

As this graph shows, the number of new cases are increasing weekly. On 16 July, over 3600 new cases were detected, bringing the total of COVID-19 cases to just under 115,000.

Reason #3 : The Story Is Illogical

Consider this for a second – how would anyone know what hackers are planning to do? Or what they are calling it?

If hackers actually created such a malware, they would have released it. Why wait?

Reason #4 : A Video Cannot Hack Your Phone Just Like That

While not completely impossible, it would be impossible for a video to hack phones that easily.

It is plausible for a video to be created to exploit a bug in a specific video player or operating system, just like how the Android wallpaper malware worked.

Such a malware would only be able to attack specific operating systems (Android or iOS), or a specific media player. It cannot just work on every phone – that only happens in movies.

Reason #5 : CNN Never Reported On Such A Video

While the hoax claims that CNN reported on this video, they did no such thing. There is no CNN report on a phone hack using a video called Argentina Is Doing It.

The most recent post on CNN about Argentina’s COVID-19 situation was a report on 26 June 2020, about the reimposition of the Buenos Aires lockdown, due to accelerated COVID-19 spread.

 

Recommended Reading

Go Back To > CybersecurityMobile | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Google Cloud Confidential VM With 2nd Gen AMD EPYC!

Google recently introduced Confidential Computing, with Confidential VM as the first product, and it’s powered by 2nd Gen AMD EPYC!

Here’s an overview of Confidential Computing and Confidential VM, and how they leverage the 2nd Gen AMD EPYC processor!

 

Google Cloud Confidential Computing : What Is It?

Google Cloud encrypts customer data while it’s “at-rest” and “in-transit“. But that data must be decrypted because it can be processed.

Confidential Computing addresses that problem by encrypting data in-use – while it’s being processed. This ensures that data is kept encrypted while in memory and outside the CPU.

 

Google Cloud Confidential VM, Powered By 2nd Gen AMD EPYC

The first product that Google is unveiling under its Confidential Computing portfolio is Confidential VM, now in beta.

Confidential VM basically adds memory encryption to the existing suite of isolation and sandboxing techniques Google Cloud uses to keep their virtual machines secure and isolated.

This will help customers, especially those in regulated industries, to better protect sensitive data by further isolating their workloads in the cloud.

Google Cloud Confidential VM : Key Features

Powered By 2nd Gen AMD EPYC

Google Cloud Confidential VM runs on N2D series virtual machines powered by the 2nd Gen AMD EPYC processors.

It leverages the Secure Encrypted Virtualisation (SEV) feature in 2nd Gen AMD EPYC processors to keep VM memory encrypted with a dedicated per-VM instance key.

These keys are generated and managed by the AMD Secure Processor inside the EPYC processor, during VM creation and reside only inside the VM – making them inaccessible to Google, or any other virtual machines running on the host.

Your data will stay encrypted while it’s being used, indexed, queried, or trained on. Encryption keys are generated in hardware, per virtual machine and are not exportable.

Confidential VM Performance

Google Cloud worked together with the AMD Cloud Solution team to minimise the performance impact of memory encryption on workloads.

They added support for new OSS drivers (name and gvnic) to handle storage traffic and network traffic with higher throughput than older protocols, thus ensuring that Confidential VM will perform almost as fast as non-confidential VM.

Easy Transition

According to Google, transitioning to Confidential VM is easy – all Google Cloud Platform (GCP) workloads can readily run as a Confidential VM whenever you want to.

Available OS Images

In addition to the hardware-based inline memory encryption, Google built Confidential VM on top of Shielded VM, to harden your OS image and verify the integrity of your firmware, kernel binaries and drivers.

Google currently offers images of Ubuntu v18.094, Ubuntu 20.04, Container Optimized OS (COS v81), and RHEL 8.2.

They are currently working with CentOS, Debian and other distributors to offer additional OS images for Confidential VM.

 

Recommended Reading

Go Back To > Computer | BusinessHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


NX Technology from The Tech ARP BIOS Guide!

NX Technology

Common Options : Enabled, Disabled

 

NX Technology : A Quick Review

The NX Technology BIOS feature is actually a toggle for the processor’s No Execute feature.

In fact, the acronym NX is short for No Execute and is specific to AMD’s implementation. Intel’s implementation is called XD, short for Execute Disable.

When enabled, the processor prevents the execution of code in data-only memory pages. This provides some protection against buffer overflow attacks.

When disabled, the processor will not restrict code execution in any memory area. This makes the processor more vulnerable to buffer overflow attacks.

It is highly recommended that you enable the NX Technology BIOS feature for increased protection against buffer overflow attacks.

However, please note that the No Execute feature is a hardware feature present only in the AMD64 family of processors. Older AMD processor do not support the No Execute feature. With such processors, this BIOS feature has no effect.

In addition, you must use an operating system that supports the No Execute feature. Currently, that includes the following operating systems :

  • Microsoft Windows Server 2003 with Service Pack 1, or newer
  • Microsoft Windows XP with Service Pack 2, or newer
  • Microsoft Windows XP Tablet PC Edition 2005, or newer
  • SUSE Linux 9.2, or newer
  • Red Hat Enterprise Linux 3 Update 3, or newer

Incidentally, some applications and device drivers attempt to execute code from the kernel stack for improved performance. This will cause a page-fault error if No Execute is enabled. In such cases, you will need to disable this BIOS feature.

 

NX Technology : The Full Details

Buffer overflow attacks are a major threat to networked computers. For example, a worm may infect a computer and flood the processor with code, bringing the system down to a halt. The worm will also propagate throughout the network, paralyzing each and every system it infects.

Due to the prevalence of such attacks, AMD added a feature called No Execute page protection, also known as Enhanced Virus Protection (EVP) to the AMD64 processors. This feature is designed to protect the computer against certain buffer overflow attacks.

Processors that come with this feature can restrict memory areas in which application code can be executed. When paired with an operating system that supports the No Execute feature, the processor adds a new attribute bit (the No Execute bit) in the paging structures used for address translation.

If the No Execute bit of a memory page is set to 1, that page can only be used to store data. It will not be used to store executable code. But if the No Execute bit of a memory page is set to 0, that page can be used to store data or executable code.

The processor will henceforth check the No Execute bit whenever it executes code. It will not execute code in a memory page with the No Execute bit set to 1. Any attempt to execute code in such a protected memory page will result in a page-fault exception.

So, if a worm or virus inserts code into the buffer, the processor prevents the code from being executed and the attack fails. This also prevents the worm or virus from propagating to other computers on the network.

The NX technology BIOS feature is actually a toggle for the processor’s No Execute feature. In fact, the acronym NX is short for No Execute and is specific to AMD’s implementation. Intel’s implementation is called XD, short for Execute Disable.

When enabled, the processor prevents the execution of code in data-only memory pages. This provides some protection against buffer overflow attacks.

When disabled, the processor will not restrict code execution in any memory area. This makes the processor more vulnerable to buffer overflow attacks.

It is highly recommended that you enable the NX Technology BIOS feature for increased protection against buffer overflow attacks.

However, please note that the No Execute feature is a hardware feature present only in the AMD64 family of processors. Older AMD processor do not support the No Execute feature. With such processors, this BIOS feature has no effect.

In addition, you must use an operating system that supports the No Execute feature. Currently, that includes the following operating systems :

  • Microsoft Windows Server 2003 with Service Pack 1, or newer
  • Microsoft Windows XP with Service Pack 2, or newer
  • Microsoft Windows XP Tablet PC Edition 2005, or newer
  • SUSE Linux 9.2, or newer
  • Red Hat Enterprise Linux 3 Update 3, or newer

Incidentally, some applications and device drivers attempt to execute code from the kernel stack for improved performance. This will cause a page-fault error if No Execute is enabled. In such cases, you will need to disable this BIOS feature.

 

Recommended Reading

Go Back To > Tech ARP BIOS GuideComputer | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


How AMD CPUs Work In A Secured-core PC Device!

Microsoft just announced their partnership with AMD, Intel and Qualcomm to protect the PC’s firmware and operating system through the Secured-core PC initiative.

With help from Akash Malhotra, AMD Director of Security Product Management, here is everything you need to know about how AMD CPUs work in a Secured-core PC device!

 

What Is A Secured-core PC Device?

Secured-core PC is a new Microsoft initiative that they just announced. In partnership with their hardware partners, they aim to create a specific set of requirements for devices that are meant for secure use.

These requirements will apply the best practices in data security – isolation and minimal trust in the firmware layer and the device core that underpins the Windows operating system.

Secured-core PC devices are targeted at industries like financial services, government and healthcare, and anyone who work with valuable IP, customer or personal data. They would also be useful for persons of interest, who would be high-value targets for hackers and nation-state attackers.

Recommended : The Microsoft Secured-core PC Initiative Explained!

 

What Security Features Are Already In AMD CPUs?

Before we look at how AMD CPUs work in a Secured-core PC device, let’s take a look at what security features they ship with :

SKINIT: The SKINIT instruction helps create a “root of trust” starting with an initially untrusted operating mode. SKINIT reinitializes the processor to establish a secure execution environment for a software component called the secure loader (SL) and starts execution of the SL in a way to help prevent tampering SKINIT extends the hardware-based root of trust to the secure loader.

Secure Loader (SL): The AMD Secure Loader (SL) is responsible for validating the platform configuration by interrogating the hardware and requesting configuration information from the DRTM Service.

AMD Secure Processor (ASP): AMD Secure Processor is dedicated hardware available in each SOC which helps enable secure boot up from BIOS level into the Trusted Execution Environment (TEE). Trusted applications can leverage industry-standard APIs to take advantage of the TEE’s secure execution environment.

AMD-V with GMET: AMD-V is set of hardware extensions to enable virtualization on AMD platforms. Guest Mode Execute Trap (GMET) is a silicon performance acceleration feature added in next gen Ryzen which enables hypervisor to efficiently handle code integrity check and help protect against malware.

 

How AMD CPUs Work In A Secured-core PC Device

In a Secured-core PC powered by an AMD CPU, the firmware and bootloader will initialise, and shortly after, the system will transition into a trusted state with the hardware forcing the firmware down a well-known and measured code path.

That means the firmware is authenticated and measured by the security block in the AMD CPU, and that measurement is stored securely in TPM for verification and attestation by the operating system.

At any point after that, the operating system can request that the AMD security block remeasure and compare the firmware against the old values, before executing further operations. This way, the operating system can help verify the integrity of the system over time.

In AMD processors, the firmware protection is handled by the AMD Dynamic Root of Trust Measurement (DRTM) Service Block that is made up of SKINIT CPU instruction, ASP and the AMD Secure Loader (SL).

This block is responsible for creating and maintain a chain of trust between components by performing these functions:

  • Measure and authenticate firmware and bootloader
  • Gather the following system configuration for the OS, which will in turn validate them against its security requirements and store information for future verification.
    • Physical memory map
    • PCI configuration space location
    • Local APIC configuration
    • I/O APIC configuration
    • IOMMU configuration / TMR Configuration
    • Power management configuration

 

AMD SMM Supervisor

Although the method above protects the firmware, AMD points out that the System Management Mode (SMM) also needs to be protected.

SMM is a special-purpose x86 CPU mode that handles power management, hardware configuration, thermal monitoring, etc. Because SMM code executes in the highest privilege level and is invisible to the operating system, it is an attractive target for attackers.

To help isolate SMM, AMD introduced a security module called AMD SMM Supervisor that will :

  • Block SMM from being able to modify Hypervisor or OS memory. An exception is a small coordinate communication buffer between the two.
  • Prevent SMM from introducing new SMM code at run time
  • Block SMM from accessing DMA, I/O, or registers that can compromise the Hypervisor or OS

 

Recommended Reading

Go Back To > Cybersecurity | ComputerHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


The Microsoft Secured-core PC Initiative Explained!

Microsoft and their hardware partners just announced the Secured-core PC initiative to combat threats that target the PC’s firmware and operating system.

With help from David Weston, Partner Director of Microsoft OS Security, here is everything you need to know about the Secured-core PC initiative!

 

What Is The Secured-core PC Initiative?

Secured-core PC is a new Microsoft initiative that they just announced. In partnership with their hardware partners, they aim to create a specific set of requirements for devices that are meant for secure use.

These requirements will apply the best practices in data security – isolation and minimal trust in the firmware layer and the device core that underpins the Windows operating system.

Secured-core PC devices will be targeted at industries like financial services, government and healthcare, and anyone who work with valuable IP, customer or personal data. They would also be useful for persons of interest, who would be high-value targets for hackers and nation-state attackers.

 

Is There A Need For Secured-core PC?

As more protection is built into the operating system and connected services, attackers are exploring other methods with firmware emerging as a top target.

The NIST’s National Vulnerability Database shows a near 5X increase in the number of firmware vulnerabilities in the last 3 years :

In late 2018, security researchers discovered that the hacking group Strontium targeted systems in the wild with malware that made use of firmware vulnerabilities.

Because it targeted firmware, the malicious code was hard to detect, and difficult to remove. It even persists after the operating system is reinstalled, or the storage drive replaced!

 

Why Is Firmware The New Target?

Firmware is used to initialise the hardware and software when a device is started up. It therefore has a higher level of access and privileges than the hypervisor and operating system kernel.

This means firmware attacks that succeed can undermine protective mechanisms like Secure Boot that the hypervisor or operating system use to protect against malware.

Firmware attacks can more easily evade endpoint protection and detection solutions, because the latter run under the operating system layer, and therefore have limited visibility of the firmware layer.

 

What Is A Secured-core PC Made Up Of?

Secured-core PCs will combine multiple layers of protection – identity, virtualisation, operating system, hardware and firmware – to prevent attacks, rather than simply detecting them.

They all ensure that the device will boot securely and is protected against firmware vulnerabilities, shielding the operating system from attacks and preventing unauthorised access to the device and data.

Recommended : How AMD CPUs Work In A Secured-core PC Device

System Guard Secure Launch

Microsoft is now implementing System Guard Secure Launch in Windows 10 as a key Secured-core PC requirement.

System Guard uses the Dynamic Root of Trust for Measurement (DRTM) capabilities built into the latest processors from AMD, Intel and Qualcomm, to protect the boot process from firmware attacks.

The firmware is used to start the hardware, and then shortly after, re-initialise the system into a trusted state. This helps to limit the trust assigned to the firmware, greatly mitigating against firmware attacks.

This method also helps protect the integrity of the Virtualisation-Based Security (VBS) feature in the hypervisor against firmware vulnerabilities. This is critical because VBS is used for important OS security functions like Windows Defender Credential Guard and Hypervisor-protected Code Integrity (HVCI).

Trusted Platform Module 2.0

Microsoft is also implementing Trusted Platform Module 2.0 (TPM) as a device requirement for Secured-core PCs.

It is used to measure the components that are used during the secure launch process, allowing for zero trust networks using System Guard runtime attestation.

 

Secured-core PC Availability

Secured-core PC devices are available from Dell, Dynabook, HP, Lenovo, Panasonic and Microsoft’s own Surface brand.

 

Recommended Reading

Go Back To > Cybersecurity | ComputerHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Why AI Digital Intuition Will Deliver Cyberimmunity By 2050!

In his first prediction for Earth 2050, Eugene Kaspersky believes that AI digital intuition will deliver cyberimmunity by 2050. Do YOU agree?

 

What Is Earth 2050

Earth 2050 is a Kaspersky social media project – an open crowdsourced platform, where everyone can share their visions of the future.

So far, there are nearly 400 predictions from 70+ visionaries, from futurologist Ian Pearson, astrophysicist Martin Rees, venture capitalist Steven Hoffman, architect-engineer Carlo Ratti, writer James Kunstler and sci-fi writer David Brin.

Eugene himself dabbles in cyberdivination, and shares with us, a future of cyberimmunity created by AI digital intuition!

 

Eugene Kaspersky : From Digital Intuition To Cyberimmunity!

In recent years, digital systems have moved up to a whole new level. No longer assistants making life easier for us mere mortals, they’ve become the basis of civilization — the very framework keeping the world functioning properly in 2050.

This quantum leap forward has generated new requirements for the reliability and stability of artificial intelligence. Although some cyberthreats still haven’t become extinct since the romantic era around the turn of the century, they’re now dangerous only to outliers who for some reason reject modern standards of digital immunity.

The situation in many ways resembles the fight against human diseases. Thanks to the success of vaccines, the terrible epidemics that once devastated entire cities in the twentieth century are a thing of the past.

 

However, that’s where the resemblance ends. For humans, diseases like the plague or smallpox have been replaced by new, highly resistant “post-vaccination” diseases; but for the machines, things have turned out much better.

This is largely because the initial designers of digital immunity made all the right preparations for it in advance. In doing so, what helped them in particular was borrowing the systemic approaches of living systems and humans.

One of the pillars of cyber-immunity today is digital intuition, the ability of AI systems to make the right decisions in conditions where the source data are clearly insufficient to make a rational choice.

But there’s no mysticism here: Digital intuition is merely the logical continuation of the idea of machine learning. When the number and complexity of related self-learning systems exceeds a certain threshold, the quality of decision-making rises to a whole new level — a level that’s completely elusive to rational understanding.

An “intuitive solution” results from the superimposition of the experience of a huge number of machine-learning models, much like the result of the calculations of a quantum computer.

So, as you can see, it has been digital intuition, with its ability to instantly, correctly respond to unknown challenges that has helped build the digital security standards of this new era.

 

Recommended Reading

Go Back To > Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Fine For Scratching Nose A Wake-Up Call On AI Surveillance!

The recent case of a Chinese driver getting fine for scratching his face is a funny example of current AI surveillance technology. Yet it is also a wake-up call on the dangers of pervasive AI surveillance by the state.

 

Fined For Scratching Nose By AI Surveillance System!

A Jinan resident, Mr. Liu, was driving his car in the eastern Shandong province, when he raised his hand to touch his face. Most of us unconsciously do that 2 to 5 times per minute!

Unbeknownst to him, one of the many AI surveillance cameras in the city noticed his action, and issued him a fine of 50 yuan* and 2 demerit points for “driving while holding a phone“.

* Approximately $7.25 / £5.70 / €6.50 / RM 30

The Jinan AI surveillance system also sent him this screenshot of his traffic violation, as captured at 7:20 AM on 20 May 2019.

Just like many automated systems (looking at you, Facebook and Google!), there was no way to dispute the charge. Mr. Liu tried to sort out the situation over the phone, but “no one would help him“.

He only got justice by appealing to the court of public opinion on Sina Weibo, where his post went viral. Only then did the Jinan traffic police department take notice and investigate his complaint.

Two days later, they cancelled his ticket after confirming that he was only touching his face, and not actually using a phone while driving.

 

AI Surveillance In Chinese Cities

China has been working hard at developing smart cities, as part of their social engineering efforts to quell political dissent and encourage Chinese citizens to “behave properly”.

There are already over 170 million surveillance cameras across China, with a projected 400 million surveillance cameras installed by next year. And they are all controlled by AI surveillance systems.

Such extensive surveillance coverage has allowed the Chinese government to detect crimes and punish their citizens for them. It also feeds the new Social Credit System – a national reputation system that assess the economic and social reputation of every Chinese citizen and business.

However, such pervasive surveillance has led to serious privacy implications for the Chinese citizenry. Anyone who wants to understand the power, allure and dangers of AI surveillance should watch the TV series, Person of Interest.

 

The Dangers Of AI Surveillance

While AI surveillance technology is now quite incredible, this case has exposed its vulnerabilities and limitations.

  1. Human oversight is still necessary, because AI surveillance is not accurate enough to detect false positives.
  2. It may be tempting to make the AI surveillance system the judge, jury and executioner, but such systems need to implement the principle of “guilty beyond a reasonable doubt“, and that means ignoring anything that is not close to a 99.9% match.
  3. There should be an appeal system in place. It took a viral social media post to alert the Jinan traffic police department to the mistake.
  4. There is also the question of personal data security. Can the government securely store the data, without unsanctioned or illegal access? How long should they store the information before they are deleted?

 

Alibaba Cloud + The Malaysia City Brain

Alibaba Cloud is one of the chief architects of Chinese smart city initiative and AI surveillance capabilities with their ET City Brain that runs on their Tianchi Platform.

Last year, Alibaba Cloud announced their collaboration with the Malaysia Digital Economy Corporation (MDEC) to introduce the Malaysia City Brain.

The first phase of the Malaysia City Brain will kickstart with 382 AI traffic cameras at 281 traffic light junctions in Kuala Lumpur.

Although the Malaysian government is ostensibly implementing the Malaysia City Brain to “optimise the flow of vehicles and timing of traffic signals“, it is really a short step to the Chinese model of population and crime surveillance.

 

Recommended Reading

Go Back To > Cybersecurity| Enterprise | AutomotiveHome

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Google Password Checkup Guide – Read Before You Install!

Google just released a new Chrome extension called Password Checkup. Practically everyone thinks it is the best thing since sliced bread.

Is it really that good? Should YOU install it? Find out what it does, and what you should know about Password Checkup, before you install it.

 

Password Checkup

Google will already warn you if your Google Account is compromised in any way, forcing you to change your password. However, they were not able to do that for your non-Google accounts.

That changes with Password Checkup.

What Does Password Checkup Do?

Once added to Google Chrome, Password Checkup will work like a password watchdog. Every time you log into a non-Google website, it will check your login and password against a database of about 4 million leaked logins.

What Happens If It Detects A Match?

If it detects a match, you will be alerted and asked to change your password. If you are using the same login and password combination in other websites, you should obviously also change them as well.

Your New Password Will Be Verified Too

The Password Checkup extension will also verify the your new password has not been compromised either.

Sounds awesome? Well, not so fast…

 

Does Password Checkup Share My Data?

Google promises that Password Checkup would not report any identifying information. But it will still collect some information that Google may share or utilise :

  • number of lookups that reveals an unsafe credential
  • whether an alert leads to a password change, and
  • the website domain involved

That said, Google will find a way somehow to benefit from it… See the next section.

 

Caveat : You Must Be Signed-In

Most privacy-conscious individuals who use Google Chrome do not sign into their Google Account. This allows them to anonymise their browsing history, and prevent data sharing across the many Google services.

However, Password Checkup explicitly requires you to be logged into your Google Account. It will only work if you stay logged into your Google Account while using Chrome.

[adrotate group=”1″]

 

Should You Install Password Checkup?

The requirement to stay logged into your Google Account is, frankly, troubling because the extension should not need you to be logged in to verify your password against a database of leaked passwords.

After all, you can already do the same anonymously at HaveIBeenPwned.

Now, we are not saying that it’s wrong for Google to try and benefit from this. This requirement is literally the price you pay for this free checking service – you must log into your Google Account and let Google track and monetise your browsing habits.

If you are fine with that, head over to the next page for our guide on how to install Password Checkup, turn it on and off, and more!

 

Workaround For The Privacy Conscious

If you are privacy-conscious, there is a way to have your cake and eat it too. Like all workarounds, it does entail some hassle, so you decide if it’s worth the effort.

You can install and use Password Checkup periodically. Google actually allows you to disable and re-enable it (see next page) whenever you wish. However, you can disable it just by logging out of your Google Account.

Login credentials don’t leak all the time, so it’s perfectly alright NOT to use Password Checkup every day. Once a week or month, just log into your Google Account and log into your non-Google accounts, to make sure they have not been compromised.

Then you can log out of your Google Account, effectively disabling Password Checkup, and use Google Chrome without sharing your browsing history with Google.

Next Page >  Password Checkup – Installation | Turning On / Off | Muting Warnings | Deleting Data

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


How To Add Password Checkup

Password Checkup only works on Google Chrome, so obviously, you should have Google Chrome installed in the first place. Then…

  1. Open Google Chrome and sign in to your Google Account.
  2. Go to the Chrome store and download Password Checkup.
  3. Follow the steps on your screen.

 

How To Turn Password Checkup On / Off?

  1. Open Google Chrome and sign in to your Google Account.
  2. In the top right, select More   More tools Extensions.
  3. Find Password Checkup in the list of extensions.
  4. Turn Password Checkup on or off.

But note that turning it off does not delete data created and stored by the extension.

How To Mute Warnings For A Website

When you receive a warning, you should IMMEDIATELY change your password. But if for some reason, you need to do this later, you can choose to mute the warnings you receive for a particular website :

  • Select the Ignore for this site option to mute all future warnings for the website.
  • To restore future warnings for that website (or others that you have muted too), you will need to delete the stored information (see the next section).

 

How To Delete Data Stored By Password Checkup

If Password Checkup finds that a login and password combination has been compromised, it will create and store a hashed, partial code for that combination in your Chrome browser. This partial code can’t be used to recreate a complete version of your login info.

To delete this code on your Chrome browser, change your unsafe password or follow these steps:

  1. Open Google Chrome, and sign in to your Google Account.
  2. At the top, select Password Checkup from the Toolbar  Advanced Settings  Clear Extension Data.

Note: This info is used to stop all future notifications about an unsafe password. If you delete this info, you might see notifications about unsafe passwords you’ve chosen to ignore.

 

Recommended Reading

[adrotate group=”2″]

Go Back To > First PageSoftware | Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


FB Messenger, Instagram + WhatsApp Integration Clarified!

Since the story broke about the Facebook Messenger, Instagram and WhatsApp integration plan, the world exploded in a mixture of shock, apoplexy, and righteous indignation.

Take a DEEP BREATH and CALM DOWN. Let us tell you exactly what the FB Messenger + Instagram + WhatsApp integration plan is really about, and what it really means for Facebook and all of us…

 

The FB Messenger + Instagram + WhatsApp Integration Plan Clarified!

What Is Going On?

The New York Times broke the story on 25 January 2019, that Facebook CEO Mark Zuckerberg is working to integrate the messaging services that power Facebook Messenger, Instagram and WhatsApp.

Essentially, he wants all three platforms to use the same messaging platform or protocol to communicate.

Are The Three Apps Being Merged?

NO.

Some reports (looking at your, Forbes and BBC!) have claimed that WhatsApp is merging with Facebook Messenger and Instagram, or that WhatsApp and Instagram will be integrated with Facebook Messenger. That is NOT TRUE.

Facebook is not going to combine all three apps into a single mega-app – the one app to rule them all. WhatsApp, Instagram and Facebook Messenger will continue to be separate apps.

What Exactly Has Changed?

NOTHING at the moment. This FB Messenger + Instagram + WhatsApp integration project is scheduled to be completed by the end of 2019, or early 2020.

Until the new unified messaging protocol is complete and implemented in all three apps, nothing will change. At the moment, all three apps continue to use their existing messaging protocols.

What We Know About The Messenger + Instagram + WhatsApp Integration Plan So Far

Let’s enumerate what we know about the FB Messenger + Instagram + WhatsApp integration plan :

  1. All three apps will still function independently
  2. All three apps will use the same messaging protocol
  3. The new unified messaging protocol will support end-to-end encryption

Why Does Facebook Want To Do This?

Migrating all three apps to a unified messaging protocol or platform has some real advantages for Facebook :

  • far less work is needed to maintain a single platform or set of protocols, than three different platforms or sets of protocols
  • it will extend the reach of their three apps, helping to “encourage” users of one app to use the other two apps.
  • it will make it easier for them to harvest more information, to create more accurate user profiles.
  • it should make it easier to introduce or extend new features into all three apps, e.g. time-limited Stories.

Is This Good Or Bad For Users?

There are some potential advantages for users…

  • users of any one of those three apps will be able to communicate with each other, without installing the other apps.
  • users of any one of those three apps will be able to share data (photos, videos, files, etc.) with each other, without installing the other apps.
  • it will introduce end-to-end encryption to Instagram, which does not yet support it.
  • potentially, it could mean end-to-end encryption will be enabled by default for Facebook Messenger (which currently only supports end-to-end encryption if you turn on Secret Conversations).
  • it could promote greater accountability and transparency, with a reduction in fake accounts and profiles.

On the other hand, the tighter integration has some serious potential ramifications…

  • it will be harder to obfuscate or separate your profile in one app, from your profiles in the other two apps.
  • any bug or vulnerability in the unified messaging protocol will affect all three apps.
  • any successful attack will cause far greater damage, with far more data lost or stolen.
  • it does not address serious privacy concerns – even if end-to-end encryption is enabled by default for all three apps in the new unified messaging protocol, the metadata isn’t.
  • it may make it more difficult for users to consider alternative apps or services.
  • abusing one app (intentional or otherwise) could get you banned or blocked on all three apps.

How Serious Are These Concerns?

The New York Times reported that Mark Zuckerberg’s “championing” of the FB Messenger + Instagram + WhatsApp integration plan led to “internal strife” over privacy concerns. How bad?

Apparently, it led to the founders of both Instagram (Kevin System and Mike Krieger) and WhatsApp (Jan Koum and Brian Acton) leaving Facebook. Dozens of WhatsApp employees also clashed with Mark Zuckerberg over this integration plan.

But Don’t Panic Just Yet…

There is no need to be one of those headless chickens running around, screaming that the world has ended or is about to end. The WhatsApp Messenger you have come to rely on has not changed, or will change for many more months to come.

The project is still in its infancy. Facebook is internally planning to complete the project by the end of 2019, and probably early 2020. There is still the better part of the year to consider alternative messaging apps out there.

 

Recommended Reading

[adrotate group=”2″]

Go Back To >  Software | Business | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


The Lenovo ThinkShield Tech Briefing by Thorsten Stremlau!

Lenovo recently introduced ThinkShield – a complete end-to-end security solution to keep all of their devices secure throughout their life cycle. Join us for the official Lenovo ThinkShield tech briefing by Thorsten Stremlau!

 

The Lenovo ThinkShield Tech Briefing

Lenovo ThinkShield is a comprehensive suite of hardware, software and policies that are designed to protect Lenovo devices from the design and manufacturing stages, and all the way through their lifespans.

Thorsten Stremlau, Lenovo Commercial Chief Technology Officer, flew in to give us a briefing on Lenovo ThinkShield. Check it out!

Lenovo ThinkShield Secures Devices through the Entire Lifecycle

  • From secure BIOS and firmware development to features like ThinkPad Privacy Guard security screens and the industry’s first laptop camera shutters, Lenovo builds protection into its products.
  • Security doesn’t stop at design: Lenovo has unique control over its global supply chain, setting strict security standards and policies for its manufacturing facilities.
  • Lenovo’s strategic partnership with Intel has enabled them to align with the Intel Transparent Supply Chain, which allows customers to locate the source of each component of their new system.
  • Lenovo oversees the security of suppliers who build intelligent components, making sure they conform to rigorous Trusted Supplier Program guidelines and best practices. For an extra layer of transparency, Lenovo Quality Engineers can audit suppliers at any time.

Lenovo ThinkShield Protects Users’ Identities and Credentials

  • A founding member of FIDO®, Lenovo offers the industry’s first and only FIDO-certified authenticators—plus match-on-chip fingerprint technology—to give companies safer, easier ways to protect their employees’ identities.
  • An industry-leading level of integration with Intel Authenticate—up to 7 authentication factors—offers greater security and flexibility than vendors providing fewer authentication methods.
  • BIOS-based Smart USB protection allows IT professionals to configure USB ports to respond only to keyboards and pointing devices, keeping employees’ PCs safer.

Lenovo ThinkShield Protects Users Online

  • Lenovo WiFi Security, in partnership with Coronet, detects threats and notifies users when they are about to connect to unsafe wireless networks.
  • BUFFERZONE technology isolates online threats before they infect the whole organization.
  • Lenovo Endpoint Management, powered by MobileIron, provides a secure, simple way to unify cloud and endpoint security across multiple devices.

Lenovo ThinkShield Protects Users’ Data

  • Absolute Persistence technology provides IT admins with an unbreakable connection to all of their devices so they can leverage enriched asset intelligence, automate endpoint hygiene and stay audit-ready with continuous compliance.
  • Once devices reach the end of their lifecycle, Lenovo keeps potentially sensitive data secure by wiping the drives and securely recycling the parts.
  • Lenovo offers a paid Keep Your Drive service that ensures sensitive information never leaves customers’ hands.

 

Recommended Reading

[adrotate group=”2″]

Go Back To > Business + Enterprise | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Kaspersky Lab Tips On Staying Safe While Shopping Online!

Here is a short guide by the Kaspersky Lab team on how to stay safe while shopping online during the holiday sales, whether it’s for Black Friday, Cyber Monday or Christmas! Bookmark it for reference, and share this with your friends!

 

Kaspersky Lab Tips On Staying Safe While Shopping Online!

Why Is This Important?

14 families of malware targeting 67 different popular consumer brands around the world were recently detected. It caused the exposure of a large amount of client emails from a popular online shop.

Emails may seem a small matter but this sort of information is in fact precious to scammers. Any personal data can be used by cybercriminals to target their victims.

Increase in the share of financial phishing in the last years

How Do Scammers Compromise Your Personal Data?

If a company is compromised and scammers get hold of customer’s email addresses, they can create an automatized spam mailout that mimics an authentic email. This would entice users to follow a malicious link or download a malicious file onto their devices.

What Should You Do?

Be very careful as we head into the holiday sales season, from Black Friday till Christmas and Boxing Day sales – the busiest time of the year. Do not compromise your bank accounts by following a phishing link and entering your bank credentials. Research shows that malware designed to steal data from online banking and payment accounts has extended its reach to target online shoppers.

Amazon sent out a warning as soon as the leak was exposed. And, although Amazon’s actions have been criticized for a lack of technical detail and a recommendation not to change users passwords, it’s great that company’s representative’s didn’t hesitate to warn their customers about possible threats, asking them to be on the lookout to minimize possible damage,” said Tatyana Sidorina, security researcher at Kaspersky Lab.

Tips On Staying Safe While Shopping Online

To keep yourself safe from fraudsters while shopping online during this holiday season, Kaspersky Lab recommends taking the following precautionary measures:

  • Always check the link address and the sender’s email to find out if they are genuine before clicking anything – very often phishers create URLs and e-mails that are are very similar to the authentic addresses of big companies, yet differ from them with one or two letters.
  • To make sure you follow a correct link, do not click on it, but type it into your browser’s address line instead.
  • Do not enter your credit card details in unfamiliar or suspicious sites and always double-check the webpage is genuine before entering any personal information (at least take a look at the URL). Fake websites may look just like the real ones.
  • If you think that you may have entered your data into a fake page, don’t hesitate. Change your passwords and pin-codes ASAP. Use strong passwords consisting of different symbols.
  • Never use the same password for several websites or services, because if one is stolen, all of your accounts will be put at risk. To create strong hack-proof passwords without having to face the struggle of remembering them, use a password manager such as Kaspersky Password Manager.
  • To ensure that no one penetrates your connection to invisibly replace genuine websites with fake ones, or intercept your web traffic, always use a secure connection – only use secure Wi-Fi with strong encryption and passwords, or apply VPN solutions that encrypt the traffic. For example, Kaspersky Secure Connection will switch on encryption automatically, when the connection is not secure enough.

 

Recommended Reading

[adrotate group=”2″]

Go Back To > Cybersecurity | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Facebook Privacy Tools Are Now Easier To Find. Yay?

Facebook has been doing a belated job of closing the barn door after the horses have bolted out and rampaged through the village. Now they officially announced that Facebook privacy tools are “easier to find”. Yay for transparency?

Read the official Facebook press release on making privacy tools easier to find… and tell us what you think!

 

Facebook Privacy Tools Now Easier To Find

By Erin Egan, VP and Chief Privacy Officer, Policy and Ashlie Beringer, VP and Deputy General Counsel

Last week showed how much more work we need to do to enforce our policies and help people understand how Facebook works and the choices they have over their data. We’ve heard loud and clear that privacy settings and other important tools are too hard to find and that we must do more to keep people informed.

So in addition to Mark Zuckerberg’s announcements last week – cracking down on abuse of the Facebook platform, strengthening our policies, and making it easier for people to revoke apps’ ability to use your data – we’re taking additional steps in the coming weeks to put people more in control of their privacy.

Most of these updates have been in the works for some time, but the events of the past several days underscore their importance.

Making Data Settings and Tools Easier to Find

Controls that are easier to find and use. We’ve redesigned our entire settings menu on mobile devices from top to bottom to make things easier to find. Instead of having settings spread across nearly 20 different screens, they’re now accessible from a single place. We’ve also cleaned up outdated settings so it’s clear what information can and can’t be shared with apps.

New Privacy Shortcuts menu. People have also told us that information about privacy, security, and ads should be much easier to find. The new Privacy Shortcuts is a menu where you can control your data in just a few taps, with clearer explanations of how our controls work. The experience is now clearer, more visual, and easy-to-find. From here you can:

  • Make your account more secure: You can add more layers of protection to your account, like two-factor authentication. If you turn this on and someone tries to log into your account from a device we don’t recogni​se, you’ll be asked to confirm whether it was you.
  • Control your personal information: You can review what you’ve shared and delete it if you want to. This includes posts you’ve shared or reacted to, friend requests you’ve sent, and things you’ve searched for on Facebook.
  • Control the ads you see: You can manage the information we use to show you ads. Ad preferences explains how ads work and the options you have.
  • Manage who sees your posts and profile information: You own what you share on Facebook, and you can manage things like who sees your posts and the information you choose to include on your profile.

Tools to find, download and delete your Facebook data.

It’s one thing to have a policy explaining what data we collect and use, but it’s even more useful when people see and manage their own information. Some people want to delete things they’ve shared in the past, while others are just curious about the information Facebook has.

So we’re introducing Access Your Information – a secure way for people to access and manage their information, such as posts, reactions, comments, and things you’ve searched for. You can go here to delete anything from your timeline or profile that you no longer want on Facebook.

We’re also making it easier to download the data you’ve shared with Facebook – it’s your data, after all. You can download a secure copy and even move it to another service. This includes photos you’ve uploaded, contacts you’ve added to your account, posts on your timeline, and more.

The Road Ahead

[adrotate group=”2″]

It’s also our responsibility to tell you how we collect and use your data in language that’s detailed, but also easy to understand. In the coming weeks, we’ll be proposing updates to Facebook’s terms of service that include our commitments to people.

We’ll also update our data policy to better spell out what data we collect and how we use it. These updates are about transparency – not about gaining new rights to collect, use, or share data.

We’ve worked with regulators, legislators and privacy experts on these tools and updates. We’ll have more to share in the coming weeks, including updates on the measures Mark shared last week.

Go Back To > News | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

AMD RyzenFall, MasterKey, Fallout, Chimera Mitigation Guide

The recently-discovered RyzenFall, MasterKey, Fallout and Chimera security flaws affecting AMD’s latest processor platforms are ruining the AMD Ryzen 2 pre-launch vibes. So it’s no surprise to see AMD working hard to fix the vulnerabilities.

In this article, we will share with you the latest AMD mitigation options for the RyzenFall, MasterKey, Fallout and Chimera security vulnerabilities.

 

What’s Really Affected?

While it is accurate to say that the AMD Ryzen and AMD EPYC processors are affected by RyzenFall, MasterKey, Fallout and Chimera, these vulnerabilities do not affect the actual processor cores. Neither are they related to the Zen microarchitecture.

This makes them completely different from the Meltdown and Spectre vulnerabilities that have been “built into” over 2,800 CPU models!

Instead, the new RyzenFall, MasterKey, Fallout and Chimera security vulnerabilities are found in:

  • the AMD Secure Processor (integrated into the new Ryzen and EPYC processors), and
  • the AMD Promontory chipsets that are paired with Ryzen and Ryzen Pro desktop processors.

The AMD Promontory chipset is used in many Socket AM4 desktop, and Socket TR4 high-end desktop (HEDT) platforms.

AMD EPYC, Ryzen Embedded, and Ryzen Mobile platforms do not use the Promontory chipset.

 

The AMD RyzenFall, MasterKey, Fallout + Chimera Mitigations

RyzenFall + Fallout

Issue : An attacker with administrative access can write to the AMD Secure Processor (PSP registers to exploit vulnerabilities in the interface between the x86 processor core and AMD Secure Processor.

Impact : The attacker can circumvent security controls to install difficult-to-detect malware in the x86 System Management Mode (SMM). The access is not persistent across reboots.

Planned Mitigations : AMD will issue AMD Secure Processor firmware patches through BIOS updates in coming weeks. No performance impact is expected.

MasterKey (PSP Privilege Escalation)

Issue : An attacker with administrative access can write malicious firmware updates, without the AMD Secure Processor (PSP) detecting the “corruption”.

Impact : The attacker can circumvent security controls to install difficult-to-detect malware. These changes are persistent, even following a system reboot.

Planned Mitigations : AMD will issue AMD Secure Processor firmware patches through BIOS updates in coming weeks. No performance impact is expected.

Chimera

Issue : An attacker with administrative access can install a malicious driver to access certain features in the AMD Promontory chipset.

Impact : The attacker can access physical memory through the Promontory chipset. The attacker can also install difficult-to-detect malware in the chipset, but this is not persistent across reboots.

Planned Mitigations : AMD will issue chipset patches through BIOS updates in coming weeks. No performance impact is expected.

 

Reading Suggestions

[adrotate group=”2″]

Go Back To > Guides | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Complete List Of CPUs Vulnerable To Meltdown / Spectre Rev. 8.0

The speculative execution CPU bug that literally kneecapped Intel, also affects many AMD and ARM processors. This means BILLIONS of CPUs around the world, including those powering smartphones, are affected by Meltdown and/or Spectre.

Our article Everything On The Meltdown + Spectre CPU Flaws! summarises the key details of  the speculative execution bug, and what we can do about it. This guide is to help those who want a full list of affected CPUs. Because we intend this to be an exhaustive list, we split it into multiple sections.

 

Article Update History

Click here for the Article Update History

Updated @ 2018-03-07 : Added a new list of 5 IBM z/Architecture CPUs. Added a new list of 22 VIA desktop and mobile CPUs. Added 1 ARM mobile CPU, 1 Intel server CPU, and 1 Intel mobile CPU. Also added 20 mobile SoCs, 9 digital TV or media player SoCs, and 43 industrial SoCs.

Updated @ 2018-02-15 : Added 96 Intel server CPUs, 91 Intel desktop CPUs, and 127 Intel mobile CPUs.

Updated @ 2018-02-07 : Added 128 AMD server CPUs, 11 AMD workstation CPUs, 128 AMD desktop CPUs, and 59 AMD mobile CPUs.

Updated @ 2018-02-02 : Added 11 Intel server CPUs, 96 AMD server CPUs, 168 AMD desktop CPUs, 77 AMD mobile CPUs, 10 IBM POWER CPUs, 9 HiSilicon Kirin mobile SoCs, 10 MediaTek mobile SOCs, 4 MediaTek digital TV SoCs, and 6 NVIDIA devices to the lists of vulnerable CPUs.

Updated @ 2018-01-14 : Added 416 Intel server CPUs, 8 Intel desktop CPUs, and 29 Intel mobile CPUs to the lists of vulnerable CPUs. Added a new list of 51 Intel mobile SoCs.

Updated @ 2018-01-12 : Added 71 AMD server CPUs, 71 AMD desktop CPUs, 29 AMD mobile CPUs and 3 AMD server SoCs based on a vulnerable ARM CPU. Also added a table summarising the number of vulnerable processors.

Updated @ 2018-01-11 : Added 18 Intel desktop CPUs and 165 Intel server / workstation CPUs. Also added a list of vulnerable Apple iOS devices, and expanded the list of vulnerable mobile SoCs used by smartphones.

Originally posted @ 2018-01-08


 

What Are Meltdown And Spectre?

Meltdown and Spectre are two exploits that take advantage of three variants of the speculative execution bug that affects billions of CPUs around the world.

The Spectre exploit targeted Variants 1 and 2, while the Meltdown exploit targets Variant 3, of the CPU bug.

For more information on the speculative execution bug, and the Meltdown / Spectre exploits, please read Everything On The Meltdown + Spectre CPU Flaws!

 

The CPUs Vulnerable To Meltdown / Spectre Updated!

For easy reference, we divided the affected CPUs by Company (arranged ALPHABETICALLY – no conspiracy, we promise), and subsequently by Segment (Workstation / Desktop / Mobile), or affected variants.

As of Revision 8.0, we believe we have covered all of the affected AMD, Apple, ARM, IBM, Intel and VIA CPUs. But we will add more CPUs (and devices) as and when they’re noted to be vulnerable to the Meltdown and Spectre exploits.

Note : It’s arguable that all CPUs that uses speculative execution to any degree are potentially vulnerable to Meltdown or Spectre or a future exploit. We will only focus on CPUs that are confirmed to be vulnerable to Meltdown or Spectre.

 

Vulnerable CPUs By The Numbers Updated!

Here is a quick summary of the number of CPUs vulnerable to Meltdown or Spectre, according to the company, and the type of processor.

Company Spectre 1 Spectre 2 Meltdown
AMD 295 Server CPUs
42 Workstation CPUs
396 Desktop CPUs
208 Mobile CPUs
295 Server CPUs
42 Workstation CPUs
396 Desktop CPUs
208 Mobile CPUs
None
Apple 13 Mobile SoCs 13 Mobile SoCs 13 Mobile SoCs
ARM 10 Mobile CPUs
3 Server SoCs
10 Mobile CPUs
3 Server SoCs
4 Mobile CPUs
3 Server SoCs
IBM 5 z/Architecture CPUs
10 POWER CPUs
5 z/Architecture CPUs
10 POWER CPUs
5 z/Architecture CPUs
10 POWER CPUs
Intel 733 Server / Workstation CPUs
443 Desktop CPUs
584 Mobile CPUs
51 Mobile SoCs
733 Server / Workstation CPUs
443 Desktop CPUs
584 Mobile CPUs
51 Mobile SoCs
733 Server / Workstation CPUs
443 Desktop CPUs
584 Mobile CPUs
51 Mobile SoCs
VIA 10 Desktop CPUs
12 Mobile CPUs
10 Desktop CPUs
12 Mobile CPUs
10 Desktop CPUs
12 Mobile CPUs

Total

2816 CPUs 2816 CPUs 1868 CPUs

 

Meltdown + Spectre Reading Suggestions

[adrotate group=”2″]

 

The AMD Server CPUs Vulnerable To Spectre

Affected Variants : AMD CPUs are affected by both Variants 1 and 2 of the speculative execution CPU bug. Colloquially, many people refer to them as Spectre 1 and Spectre 2.

AMD Server CPUs Vulnerable To Spectre

AMD Naples (2017)

  • AMD EPYC 7601
  • AMD EPYC 7551
  • AMD EPYC 7551P
  • AMD EPYC 7501
  • AMD EPYC 7451
  • AMD EPYC 7401
  • AMD EPYC 7401P
  • AMD EPYC 7351
  • AMD EPYC 7351P
  • AMD EPYC 7301
  • AMD EPYC 7281
  • AMD EPYC 7251

AMD Toronto (2017)

  • AMD Opteron X3421
  • AMD Opteron X3418
  • AMD Opteron X3416

AMD Kyoto (2013)

  • AMD Opteron X2170
  • AMD Opteron X2150
  • AMD Opteron X1150

AMD Abu Dhabi (2012)

  • AMD Opteron 6386 SE
  • AMD Opteron 6380
  • AMD Opteron 6378
  • AMD Opteron 6370P
  • AMD Opteron 6366 HE
  • AMD Opteron 6348
  • AMD Opteron 6344
  • AMD Opteron 6338P
  • AMD Opteron 6328
  • AMD Opteron 6320
  • AMD Opteron 6308

AMD Seoul (2012)

  • AMD Opteron 4386
  • AMD Opteron 4376 HE
  • AMD Opteron 43GK HE
  • AMD Opteron 4365 EE
  • AMD Opteron 4340
  • AMD Opteron 4334
  • AMD Opteron 4332 HE
  • AMD Opteron 4310 EE
  • AMD Opteron 43CX EE

AMD Delhi (2012)

  • AMD Opteron 3380
  • AMD Opteron 3365
  • AMD Opteron 3350 HE
  • AMD Opteron 3320 EE

AMD Zurich (2012)

  • AMD Opteron 3280
  • AMD Opteron 3260 HE
  • AMD Opteron 3250 HE

AMD Interlagos (2011)

  • AMD Opteron 6284 SE
  • AMD Opteron 6282 SE
  • AMD Opteron 6278
  • AMD Opteron 6276
  • AMD Opteron 6274
  • AMD Opteron 6272
  • AMD Opteron 6262 HE
  • AMD Opteron 6238
  • AMD Opteron 6234
  • AMD Opteron 6230 HE
  • AMD Opteron 6220
  • AMD Opteron 6212
  • AMD Opteron 6204

AMD Valencia (2011)

  • AMD Opteron 4284
  • AMD Opteron 4280
  • AMD Opteron 4276 HE
  • AMD Opteron 4274 HE
  • AMD Opteron 42MX HE
  • AMD Opteron 4256 EE
  • AMD Opteron 4240
  • AMD Opteron 4238
  • AMD Opteron 4234
  • AMD Opteron 4230 HE
  • AMD Opteron 4228 HE
  • AMD Opteron 4226
  • AMD Opteron 42DX EE

AMD Magny-Cours (2010)

  • AMD Opteron 6180 SE
  • AMD Opteron 6176 SE
  • AMD Opteron 6176
  • AMD Opteron 6174
  • AMD Opteron 6172
  • AMD Opteron 6168
  • AMD Opteron 6164 HE
  • AMD Opteron 6140
  • AMD Opteron 6136
  • AMD Opteron 6134
  • AMD Opteron 6132 HE
  • AMD Opteron 6128
  • AMD Opteron 6128 HE
  • AMD Opteron 61QS
  • AMD Opteron 61KS
  • AMD Opteron 6124 HE

AMD Lisbon (2010)

  • AMD Opteron 4184
  • AMD Opteron 4180
  • AMD Opteron 4176 HE
  • AMD Opteron 4174 HE
  • AMD Opteron 4171 HE
  • AMD Opteron 4170 HE
  • AMD Opteron 41KX HE
  • AMD Opteron 4164 EE
  • AMD Opteron 4162 EE
  • AMD Opteron 41GL EE
  • AMD Opteron 4133
  • AMD Opteron 4130
  • AMD Opteron 4122
  • AMD Opteron 41QS HE
  • AMD Opteron 41LE HE

AMD Istanbul (2009)

  • AMD Opteron 8439 SE
  • AMD Opteron 8435
  • AMD Opteron 8431
  • AMD Opteron 8425 HE
  • AMD Opteron 8423
  • AMD Opteron 8419
  • AMD Opteron 8419 EE
  • AMD Opteron 2439 SE
  • AMD Opteron 2435
  • AMD Opteron 2431
  • AMD Opteron 2427
  • AMD Opteron 2425 HE
  • AMD Opteron 2423 HE
  • AMD Opteron 2419
  • AMD Opteron 2419 EE

AMD Suzuka (2009)

  • AMD Opteron 1389
  • AMD Opteron 1385
  • AMD Opteron 1381
  • AMD Opteron 13QS HE
  • AMD Opteron 13KS EE

AMD Shanghai (2009)

  • AMD Opteron 8393 SE
  • AMD Opteron 8389
  • AMD Opteron 8387
  • AMD Opteron 8386 SE
  • AMD Opteron 8384
  • AMD Opteron 8382
  • AMD Opteron 8381 HE
  • AMD Opteron 8380
  • AMD Opteron 8379 HE
  • AMD Opteron 8378
  • AMD Opteron 83VS
  • AMD Opteron 8374 HE
  • AMD Opteron 83QS HE
  • AMD Opteron 2393 SE
  • AMD Opteron 2389
  • AMD Opteron 2387
  • AMD Opteron 2386 SE
  • AMD Opteron 2384
  • AMD Opteron 2382
  • AMD Opteron 2381 HE
  • AMD Opteron 2380
  • AMD Opteron 2379 HE
  • AMD Opteron 2378
  • AMD Opteron 2377 EE
  • AMD Opteron 2376
  • AMD Opteron 2376 HE
  • AMD Opteron 23VS
  • AMD Opteron 2374 HE
  • AMD Opteron 2373 EE
  • AMD Opteron 2372 HE
  • AMD Opteron 23QS HE
  • AMD Opteron 23KS EE

AMD Budapest (2008)

  • AMD Opteron 1356
  • AMD Opteron 1354
  • AMD Opteron 1352

AMD Barcelona (2007)

  • AMD Opteron 8360 SE
  • AMD Opteron 8357 SE
  • AMD Opteron 8356
  • AMD Opteron 8354
  • AMD Opteron 8352
  • AMD Opteron 8350
  • AMD Opteron 8350 HE
  • AMD Opteron 8347
  • AMD Opteron 8347 HE
  • AMD Opteron 8346 HE

AMD Santa Rosa (2006)

  • AMD Opteron 8224 SE
  • AMD Opteron 8222 SE
  • AMD Opteron 8222
  • AMD Opteron 8220 SE
  • AMD Opteron 8220
  • AMD Opteron 8218
  • AMD Opteron 8218 HE
  • AMD Opteron 8216
  • AMD Opteron 8216 HE
  • AMD Opteron 8214
  • AMD Opteron 8214 HE
  • AMD Opteron 8212
  • AMD Opteron 8212 HE
  • AMD Opteron 8210 EE
  • AMD Opteron 2224 SE
  • AMD Opteron 2222 SE
  • AMD Opteron 2222
  • AMD Opteron 2220 SE
  • AMD Opteron 2220
  • AMD Opteron 2218
  • AMD Opteron 2218 HE
  • AMD Opteron 2216
  • AMD Opteron 2216 HE
  • AMD Opteron 2214
  • AMD Opteron 2214 HE
  • AMD Opteron 2212
  • AMD Opteron 2212 HE
  • AMD Opteron 2210
  • AMD Opteron 2210 HE
  • AMD Opteron 2210 EE
  • AMD Opteron 2208 HE

AMD Santa Ana (2006)

  • AMD Opteron 1224 SE
  • AMD Opteron 1222 SE
  • AMD Opteron 1222
  • AMD Opteron 1220 SE
  • AMD Opteron 1220
  • AMD Opteron 1218
  • AMD Opteron 1218 HE
  • AMD Opteron 1216
  • AMD Opteron 1216 HE
  • AMD Opteron 1214
  • AMD Opteron 1214 HE
  • AMD Opteron 1212
  • AMD Opteron 1212 HE
  • AMD Opteron 1210
  • AMD Opteron 1210 HE
  • AMD Opteron 1210 EE

AMD Egypt (2005)

  • AMD Opteron 890
  • AMD Opteron 885
  • AMD Opteron 880
  • AMD Opteron 875
  • AMD Opteron 875 HE
  • AMD Opteron 870
  • AMD Opteron 870 HE
  • AMD Opteron 865
  • AMD Opteron 865 HE
  • AMD Opteron 860 HE

AMD Italy (2005)

  • AMD Opteron 290
  • AMD Opteron 285
  • AMD Opteron 280
  • AMD Opteron 275
  • AMD Opteron 275 HE
  • AMD Opteron 270
  • AMD Opteron 270 HE
  • AMD Opteron 265
  • AMD Opteron 265 HE
  • AMD Opteron 260 HE

AMD Denmark (2005)

  • AMD Opteron 190
  • AMD Opteron 185
  • AMD Opteron 180
  • AMD Opteron 175
  • AMD Opteron 170
  • AMD Opteron 165

AMD Athens (2004)

  • AMD Opteron 856
  • AMD Opteron 854
  • AMD Opteron 852
  • AMD Opteron 850
  • AMD Opteron 850 HE
  • AMD Opteron 848
  • AMD Opteron 848 HE
  • AMD Opteron 846
  • AMD Opteron 846 HE
  • AMD Opteron 844
  • AMD Opteron 842

AMD Troy (2004)

  • AMD Opteron 256
  • AMD Opteron 254
  • AMD Opteron 252
  • AMD Opteron 250
  • AMD Opteron 250 HE
  • AMD Opteron 248
  • AMD Opteron 248 HE
  • AMD Opteron 246
  • AMD Opteron 246 HE
  • AMD Opteron 244
  • AMD Opteron 242

AMD Venus (2004)

  • AMD Opteron 156
  • AMD Opteron 154
  • AMD Opteron 152
  • AMD Opteron 150
  • AMD Opteron 148
  • AMD Opteron 148 HE
  • AMD Opteron 146
  • AMD Opteron 144
  • AMD Opteron 142

AMD Sledgehammer (2003)

  • AMD Opteron 850
  • AMD Opteron 848
  • AMD Opteron 846
  • AMD Opteron 846 HE
  • AMD Opteron 844
  • AMD Opteron 842
  • AMD Opteron 840
  • AMD Opteron 840 EE
  • AMD Opteron 250
  • AMD Opteron 248
  • AMD Opteron 246
  • AMD Opteron 246 HE
  • AMD Opteron 244
  • AMD Opteron 242
  • AMD Opteron 240
  • AMD Opteron 240 EE
  • AMD Opteron 150
  • AMD Opteron 148
  • AMD Opteron 146
  • AMD Opteron 146 HE
  • AMD Opteron 144
  • AMD Opteron 142
  • AMD Opteron 140
  • AMD Opteron 140 EE

Next Page > AMD Workstation & Desktop CPUs Vulnerable To Spectre

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


The AMD Workstation CPUs Vulnerable To Spectre

Affected Variants : AMD CPUs are affected by both Variants 1 and 2 of the speculative execution CPU bug. Colloquially, many people refer to them as Spectre 1 and Spectre 2. They are not vulnerable to Meltdown.

AMD Summit Ridge (2017)

  • AMD Ryzen Threadripper 1950X
  • AMD Ryzen Threadripper 1920X
  • AMD Ryzen Threadripper 1900X

AMD Vishera (2012)

  • AMD FX-9590
  • AMD FX-9370
  • AMD FX-8370E
  • AMD FX-8370
  • AMD FX-8350
  • AMD FX-8320E
  • AMD FX-8320
  • AMD FX-8310
  • AMD FX-8300
  • AMD FX-6350
  • AMD FX-6300
  • AMD FX-6200
  • AMD FX-4350
  • AMD FX-4320
  • AMD FX-4300

AMD Zambezi (2011)

  • AMD FX-8170
  • AMD FX-8150
  • AMD FX-8140
  • AMD FX-8120
  • AMD FX-8100
  • AMD FX-6130
  • AMD FX-6120
  • AMD FX-6100
  • AMD FX-4170
  • AMD FX-4150
  • AMD FX-4130
  • AMD FX-4120
  • AMD FX-4100

AMD Windsor (2006)

  • AMD Athlon 64 FX-74
  • AMD Athlon 64 FX-72
  • AMD Athlon 64 FX-70
  • AMD Athlon 64 FX-62

AMD Toledo (2005)

  • AMD Athlon 64 FX-60

AMD San Diego (2005)

  • AMD Athlon 64 FX-57
  • AMD Athlon 64 FX-55

AMD Clawhammer (2004)

  • AMD Athlon 64 FX-55
  • AMD Athlon 64 FX-53

AMD Sledgehammer (2003)

  • AMD Athlon 64 FX-53
  • AMD Athlon 64 FX-51

[adrotate group=”1″]

 

AMD Desktop CPUs Vulnerable To Spectre

Affected Variants : AMD CPUs are affected by both Variants 1 and 2 of the speculative execution CPU bug. Colloquially, many people refer to them as Spectre 1 and Spectre 2. They are not vulnerable to Meltdown.

AMD Raven Ridge (2018)

  • AMD Ryzen 5 2400G
  • AMD Ryzen 5 2200G

AMD Summit Ridge (2017)

  • AMD Ryzen 7 1800X
  • AMD Ryzen 7 1700X
  • AMD Ryzen 7 1700
  • AMD Ryzen 5 1600X
  • AMD Ryzen 5 1600
  • AMD Ryzen 5 1500X
  • AMD Ryzen 5 1400
  • AMD Ryzen 3 1300X
  • AMD Ryzen 3 1200

AMD Bristol Ridge (2016)

  • AMD PRO A12-9800
  • AMD A12-9800
  • AMD PRO A12-9800E
  • AMD A12-9800E
  • AMD PRO A10-9700
  • AMD A10-9700
  • AMD PRO A10-9700E
  • AMD A10-9700E
  • AMD PRO A8-9600
  • AMD A8-9600
  • AMD A6-9550
  • AMD PRO A6-9500
  • AMD A6-9500
  • AMD PRO A6-9500E
  • AMD A6-9500E
  • AMD Athlon X4 970
  • AMD Athlon X4 950
  • AMD Athlon X4 940

AMD Carrizo (2015)

  • AMD Athlon X4 845
  • AMD Athlon X4 835

AMD Kaveri (2014)

  • AMD A10-7890K
  • AMD A10-7870K
  • AMD A10-7860K
  • AMD A10 PRO-7850B
  • AMD A10-7850K
  • AMD A10 PRO-7800B
  • AMD A10-7800
  • AMD A10-7700K
  • AMD A8-7670K
  • AMD A8-7650K
  • AMD A8 PRO-7600B
  • AMD A8-7600
  • AMD A6-7470K
  • AMD A6-7400K
  • AMD A6 PRO-7400B
  • AMD A6 PRO-7350B
  • AMD FX-770K
  • AMD Athlon X4 880K
  • AMD Athlon X4 870K
  • AMD Athlon X4 860K
  • AMD Athlon X4 840
  • AMD Athlon X2 450

AMD Kabini (2014)

  • AMD Athlon 5370
  • AMD Athlon 5350
  • AMD Athlon 5150
  • AMD Sempron 3850
  • AMD Sempron 2650

AMD Richland (2013)

  • AMD A10-6800K
  • AMD A10-6800B
  • AMD A10-6790K
  • AMD A10-6790B
  • AMD A10-6700
  • AMD A10-6700T
  • AMD A8-6600K
  • AMD A8-6500B
  • AMD A8-6500
  • AMD A8-6500T
  • AMD A6-6420K
  • AMD A6-6420B
  • AMD A6-6400K
  • AMD A6-6400B
  • AMD A4 PRO-7300B
  • AMD A4-7300
  • AMD A4-6320B
  • AMD A4-6320
  • AMD A4-6300B
  • AMD A4-6300
  • AMD A4-4020
  • AMD A4-4000
  • AMD FX-670K
  • AMD Athlon X4 760K
  • AMD Athlon X4 750
  • AMD Athlon X2 370K
  • AMD Athlon X2 350
  • AMD Sempron X2 250

AMD Trinity (2012)

  • AMD A10-5800K
  • AMD A10-5800B
  • AMD A10-5700
  • AMD A8-5600K
  • AMD A8-5500B
  • AMD A8-5500
  • AMD A6-5400K
  • AMD A6-5400B
  • AMD A4-5300B
  • AMD A4-5300
  • AMD FirePro A320
  • AMD FirePro A300
  • AMD Athlon X4 750K
  • AMD Athlon X4 740
  • AMD Athlon X2 340
  • AMD Sempron X2 240

AMD Llano (2011)

  • AMD A8-3870K
  • AMD A8-3850
  • AMD A8-3820
  • AMD A8-3800
  • AMD A6-3670K
  • AMD A6-3650
  • AMD A6-3620
  • AMD A6-3600
  • AMD A4-3420
  • AMD A4-3400
  • AMD A4-3330
  • AMD E2-3200
  • AMD Athlon II X4 651K
  • AMD Athlon II X4 651
  • AMD Athlon II X4 641
  • AMD Athlon II X4 638
  • AMD Athlon II X4 631
  • AMD Athlon II X2 221
  • AMD Sempron X2 198

AMD Propus (2011)

  • AMD Phenom II X4 850
  • AMD Phenom II X4 840
  • AMD Athlon II X4 650
  • AMD Athlon II X4 645
  • AMD Athlon II X4 640
  • AMD Athlon II X4 635
  • AMD Athlon II X4 630
  • AMD Athlon II X4 620
  • AMD Athlon II X4 620e
  • AMD Athlon II X4 615e
  • AMD Athlon II X4 610e
  • AMD Athlon II X4 605e
  • AMD Athlon II X4 600e

AMD Regor (2011)

  • AMD Phenom II X2 521
  • AMD Phenom II X2 511
  • AMD Athlon II X2 B30
  • AMD Athlon II X2 280
  • AMD Athlon II X2 B28
  • AMD Athlon II X2 270
  • AMD Athlon II X2 270u
  • AMD Athlon II X2 265
  • AMD Athlon II X2 260
  • AMD Athlon II X2 260u
  • AMD Athlon II X2 B26
  • AMD Athlon II X2 255
  • AMD Athlon II X2 250e
  • AMD Athlon II X2 250
  • AMD Athlon II X2 250u
  • AMD Athlon II X2 245e
  • AMD Athlon II X2 245
  • AMD Athlon II X2 240e
  • AMD Athlon II X2 240
  • AMD Athlon II X2 B24
  • AMD Athlon II X2 235e
  • AMD Athlon II X2 220
  • AMD Athlon II X2 B22
  • AMD Athlon II X2 215
  • AMD Athlon II X2 210e
  • AMD Sempron 190
  • AMD Sempron 180

AMD Zosma (2010)

  • AMD Phenom II X4 970 Black Edition
  • AMD Phenom II X4 960T Black Edition
  • AMD Phenom II X4 960T
  • AMD Phenom II X4 840T
  • AMD Phenom II X4 650T
  • AMD Athlon II X4 640

AMD Thuban (2010)

  • AMD Phenom II X6 1100T Black Edition
  • AMD Phenom II X6 1090T Black Edition
  • AMD Phenom II X6 1075T Black Edition
  • AMD Phenom II X6 1075T
  • AMD Phenom II X6 1065T
  • AMD Phenom II X6 1055T
  • AMD Phenom II X6 1045T
  • AMD Phenom II X6 1035T

AMD Sargas (2009)

  • AMD Athlon II 170u
  • AMD Athlon II 160u
  • AMD Sempron 150
  • AMD Sempron 145
  • AMD Sempron 140
  • AMD Sempron 130

AMD Deneb (2009)

  • AMD Phenom II 42 TWKR
  • AMD Phenom II X4 980 Black Edition
  • AMD Phenom II X4 975 Black Edition
  • AMD Phenom II X4 970 Black Edition
  • AMD Phenom II X4 965 Black Edition
  • AMD Phenom II X4 B99
  • AMD Phenom II X4 955 Black Edition
  • AMD Phenom II X4 955
  • AMD Phenom II X4 B97
  • AMD Phenom II X4 945
  • AMD Phenom II X4 940 Black Edition
  • AMD Phenom II X4 B95
  • AMD Phenom II X4 925
  • AMD Phenom II X4 920
  • AMD Phenom II X4 B93
  • AMD Phenom II X4 910e
  • AMD Phenom II X4 910
  • AMD Phenom II X4 905e
  • AMD Phenom II X4 900e
  • AMD Phenom II X4 830
  • AMD Phenom II X4 820
  • AMD Phenom II X4 810
  • AMD Phenom II X4 805

AMD Heka (2009)

  • AMD Phenom II X3 B77
  • AMD Phenom II X3 740 Black Edition
  • AMD Phenom II X3 B75
  • AMD Phenom II X3 720 Black Edition
  • AMD Phenom II X3 B73
  • AMD Phenom II X3 720
  • AMD Phenom II X3 715 Black Edition
  • AMD Phenom II X3 710
  • AMD Phenom II X3 705e
  • AMD Phenom II X3 700e

AMD Callisto (2009)

  • AMD Phenom II X2 570 Black Edition
  • AMD Phenom II X2 B60
  • AMD Phenom II X2 565 Black Edition
  • AMD Phenom II X2 B59
  • AMD Phenom II X2 560 Black Edition
  • AMD Phenom II X2 555 Black Edition
  • AMD Phenom II X2 B57
  • AMD Phenom II X2 550 Black Edition
  • AMD Phenom II X2 550
  • AMD Phenom II X2 B55
  • AMD Phenom II X2 545
  • AMD Phenom II X2 B53

AMD Rana (2009)

  • AMD Athlon II X3 460
  • AMD Athlon II X3 455
  • AMD Athlon II X3 450
  • AMD Athlon II X3 445
  • AMD Athlon II X3 440
  • AMD Athlon II X3 435
  • AMD Athlon II X3 425e
  • AMD Athlon II X3 425
  • AMD Athlon II X3 420e
  • AMD Athlon II X3 415e
  • AMD Athlon II X3 405e
  • AMD Athlon II X3 400e

AMD Agena (2008)

  • AMD Phenom X4 9950 Black Edition
  • AMD Phenom X4 9850 Black Edition
  • AMD Phenom X4 9850B
  • AMD Phenom X4 9850
  • AMD Phenom X4 9750B
  • AMD Phenom X4 9750
  • AMD Phenom X4 9650
  • AMD Phenom X4 9600B
  • AMD Phenom X4 9600
  • AMD Phenom X4 9550
  • AMD Phenom X4 9500
  • AMD Phenom X4 9450
  • AMD Phenom X4 9350
  • AMD Phenom X4 9150e
  • AMD Phenom X4 9100e

AMD Toliman (2008)

  • AMD Phenom X3 8850
  • AMD Phenom X3 8750 Black Edition
  • AMD Phenom X3 8750
  • AMD Phenom X3 8750B
  • AMD Phenom X3 8650
  • AMD Phenom X3 8600B
  • AMD Phenom X3 8600
  • AMD Phenom X3 8550
  • AMD Phenom X3 8450e
  • AMD Phenom X3 8450
  • AMD Phenom X3 8400
  • AMD Phenom X3 8250e

AMD Kuma (2008)

  • AMD Athlon X2 7850 Black Edition
  • AMD Athlon X2 7750 Black Edition
  • AMD Athlon X2 7550
  • AMD Athlon X2 7450
  • AMD Athlon X2 6500 Black Edition

AMD Brisbane (2007)

  • AMD Athlon X2 5600B
  • AMD Athlon X2 5400B
  • AMD Athlon X2 5200B
  • AMD Athlon X2 5000B
  • AMD Athlon X2 5050e
  • AMD Athlon X2 4850B
  • AMD Athlon X2 4850e
  • AMD Athlon X2 4450B
  • AMD Athlon X2 4450e
  • AMD Athlon X2 4050e
  • AMD Athlon X2 3250e
  • AMD Athlon X2 BE-2400
  • AMD Athlon X2 BE-2350
  • AMD Athlon X2 BE-2300
  • AMD Athlon 64 X2 6000+
  • AMD Athlon 64 X2 5800+
  • AMD Athlon 64 X2 5600+
  • AMD Athlon 64 X2 5400+ Black Edition
  • AMD Athlon 64 X2 5400+
  • AMD Athlon 64 X2 5200+
  • AMD Athlon 64 X2 5000+ Black Edition
  • AMD Athlon 64 X2 5000+
  • AMD Athlon 64 X2 4800+
  • AMD Athlon 64 X2 4600+
  • AMD Athlon 64 X2 4400+
  • AMD Athlon 64 X2 4200+
  • AMD Athlon 64 X2 4000+
  • AMD Athlon 64 X2 3600+
  • AMD Sempron X2 2300
  • AMD Sempron X2 2200
  • AMD Sempron X2 2100

AMD Lima (2007)

  • AMD Athlon 64 3800+
  • AMD Athlon 64 3500+
  • AMD Athlon 64 3100+
  • AMD Athlon 64 2850e
  • AMD Athlon 64 2600+
  • AMD Athlon 64 2650e
  • AMD Athlon 64 2000+
  • AMD Athlon LE-1660
  • AMD Athlon LE-1640
  • AMD Athlon LE-1640B

AMD Sparta (2006)

  • AMD Sempron LE-1300
  • AMD Sempron LE-1250
  • AMD Sempron LE-1200
  • AMD Sempron LE-1150
  • AMD Sempron LE-1100

AMD Windsor (2006)

  • AMD Athlon 64 X2 6400+ Black Edition
  • AMD Athlon 64 X2 6000+
  • AMD Athlon 64 X2 5600+
  • AMD Athlon 64 X2 5400+
  • AMD Athlon 64 X2 5200+
  • AMD Athlon 64 X2 5000+
  • AMD Athlon 64 X2 4800+
  • AMD Athlon 64 X2 4600+
  • AMD Athlon 64 X2 4400+
  • AMD Athlon 64 X2 4200+
  • AMD Athlon 64 X2 4000+
  • AMD Athlon 64 X2 3800+
  • AMD Athlon 64 X2 3600+

AMD Manila (2006)

  • AMD Sempron 3800+
  • AMD Sempron 3600+
  • AMD Sempron 3500+
  • AMD Sempron 3400+
  • AMD Sempron 3200+
  • AMD Sempron 3000+
  • AMD Sempron 2800+

AMD Orleans (2006)

  • AMD Athlon 64 4000+
  • AMD Athlon 64 3800+
  • AMD Athlon 64 3500+
  • AMD Athlon 64 3200+
  • AMD Athlon 64 3000+
  • AMD Athlon 64 LE-1640
  • AMD Athlon 64 LE-1620
  • AMD Athlon 64 LE-1600

AMD Toledo (2005)

  • AMD Athlon 64 X2 4800+
  • AMD Athlon 64 X2 4600+
  • AMD Athlon 64 X2 4400+
  • AMD Athlon 64 X2 4200+
  • AMD Athlon 64 X2 4000+
  • AMD Athlon 64 X2 3800+
  • AMD Athlon 64 X2 3700+

AMD Palermo (2005)

  • AMD Sempron 3500+
  • AMD Sempron 3400+
  • AMD Sempron 3300+
  • AMD Sempron 3200+
  • AMD Sempron 3100+
  • AMD Sempron 3000+
  • AMD Sempron 2800+
  • AMD Sempron 2600+
  • AMD Sempron 2500+

AMD Manchester (2005)

  • AMD Athlon 64 X2 4600+
  • AMD Athlon 64 X2 4200+
  • AMD Athlon 64 X2 3800+
  • AMD Athlon 64 X2 3600+
  • AMD Athlon 64 X2 3500+
  • AMD Athlon 64 X2 3200+

AMD San Diego (2005)

  • AMD Athlon 64 4000+
  • AMD Athlon 64 3700+
  • AMD Athlon 64 3500+

AMD Venice (2005)

  • AMD Athlon 64 3800+
  • AMD Athlon 64 3500+
  • AMD Athlon 64 3400+
  • AMD Athlon 64 3200+
  • AMD Athlon 64 3000+
  • AMD Athlon 64 1500+

AMD Winchester (2004)

  • AMD Athlon 64 3500+
  • AMD Athlon 64 3200+
  • AMD Athlon 64 3000+

AMD Paris (2004)

  • AMD Sempron 3100+
  • AMD Sempron 3000+

AMD Clawhammer (2004)

  • AMD Athlon 64 4000+
  • AMD Athlon 64 3800+
  • AMD Athlon 64 3700+
  • AMD Athlon 64 3600+
  • AMD Athlon 64 3500+
  • AMD Athlon 64 3400+
  • AMD Athlon 64 3200+
  • AMD Athlon 64 3000+
  • AMD Athlon 64 2800+

AMD Newcastle (2003)

  • AMD Athlon 64 3800+
  • AMD Athlon 64 3500+
  • AMD Athlon 64 3400+
  • AMD Athlon 64 3300+
  • AMD Athlon 64 3200+
  • AMD Athlon 64 3000+
  • AMD Athlon 64 2800+

Next Page > AMD Mobile CPUs Vulnerable To Spectre

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


AMD Mobile CPUs Vulnerable To Spectre

Affected Variants : AMD CPUs are affected by both Variants 1 and 2 of the speculative execution CPU bug. Colloquially, many people refer to them as Spectre 1 and Spectre 2. They are not vulnerable to Meltdown.

AMD Raven Ridge (2017)

  • AMD Ryzen 7 2700U
  • AMD Ryzen 5 2500U
  • AMD Ryzen 3 2300U
  • AMD Ryzen 3 2200U

AMD Bristol Ridge (2016)

  • AMD FX-9830P
  • AMD Pro A12-9830B
  • AMD FX-9800P
  • AMD Pro A12-9800B
  • AMD A12-9730P
  • AMD Pro A10-9730B
  • AMD A12-9720P
  • AMD A12-9700P
  • AMD Pro A10-9700B
  • AMD A10-9630P
  • AMD Pro A8-9630B
  • AMD A10-9620P
  • AMD A10-9600P
  • AMD Pro A8-9600B
  • AMD Pro A6-9500B

AMD Stoney Ridge (2015)

  • AMD A9-9430
  • AMD A9-9420
  • AMD A9-9410
  • AMD A9-9400
  • AMD A6-9220
  • AMD A6-9210
  • AMD A6-9200
  • AMD A6-9200e
  • AMD A4-9120
  • AMD E2-9010
  • AMD E2-9000
  • AMD E2-9000e

AMD Carrizo (2015)

  • AMD A10-8780P
  • AMD Pro A12-8800B
  • AMD FX-8800P
  • AMD Pro A10-8700B
  • AMD A10-8700P
  • AMD Pro A8-8600B
  • AMD A8-8600P
  • AMD Pro A6-8500B
  • AMD A6-8500P
  • AMD A8-7410
  • AMD A6-7310
  • AMD A4-7210
  • AMD E2-7110
  • AMD E1-7010

AMD Kaveri (2014)

  • AMD FX-7600P
  • AMD FX-7500
  • AMD A10-7400P
  • AMD Pro A10-7350B
  • AMD A10-7300
  • AMD A8-7200P
  • AMD Pro A8-7150B
  • AMD A8-7100
  • AMD Pro A6-7050B
  • AMD A6-7000

AMD Richland (2013)

  • AMD A10-5757M
  • AMD A10-5750M
  • AMD A10-5745M
  • AMD A8-5557M
  • AMD A8-5550M
  • AMD A8-5545M
  • AMD A6-5357M
  • AMD A6-5350M
  • AMD A6-5345M
  • AMD A4-5150M
  • AMD A4-5145M

AMD Trinity (2012)

  • AMD A10-4655M
  • AMD A10-4600M
  • AMD A8-4555M
  • AMD A8-4500M
  • AMD A6-4455M
  • AMD A6-4400M
  • AMD A4-4355M
  • AMD A4-4300M

AMD Llano (2011)

  • AMD A8-3550MX
  • AMD A8-3530MX
  • AMD A8-3520M
  • AMD A8-3510MX
  • AMD A8-3500M
  • AMD A6-3430MX
  • AMD A6-3420M
  • AMD A6-3410MX
  • AMD A6-3400M
  • AMD A4-3330MX
  • AMD A4-3320M
  • AMD A4-3310MX
  • AMD A4-3305M
  • AMD A4-3300M
  • AMD E2-3000M

AMD Champlain (2010)

  • AMD Phenom II X940 Black Edition
  • AMD Phenom II X920 Black Edition
  • AMD Phenom II N970
  • AMD Phenom II P960
  • AMD Phenom II N950
  • AMD Phenom II P940
  • AMD Phenom II N930
  • AMD Phenom II P920
  • AMD Phenom II N870
  • AMD Phenom II P860
  • AMD Phenom II N850
  • AMD Phenom II P840
  • AMD Phenom II N830
  • AMD Phenom II P820
  • AMD Phenom II N660
  • AMD Phenom II P650
  • AMD Phenom II N640
  • AMD Phenom II N620
  • AMD Phenom II X640 Black Edition
  • AMD Phenom II X620 Black Edition
  • AMD Athlon II N370
  • AMD Athlon II P360
  • AMD Athlon II N350
  • AMD Athlon II P340
  • AMD Athlon II N330
  • AMD Athlon II P320
  • AMD Athlon II Neo K145
  • AMD Athlon II Neo K125
  • AMD Turion II Neo K685
  • AMD Turion II Neo K665
  • AMD Turion II Neo K645
  • AMD Turion II Neo K625
  • AMD Turion II N570
  • AMD Turion II P560
  • AMD Turion II N550
  • AMD Turion II P540
  • AMD Turion II N530
  • AMD Turion II P520
  • AMD V160
  • AMD V140
  • AMD V120
  • AMD V105

AMD Geneva (2010)

  • AMD Turion II Neo N54L
  • AMD Turion II K685
  • AMD Turion II K665
  • AMD Turion II K645
  • AMD Turion II K625

AMD Caspian (2009)

  • AMD Turion II Ultra M660
  • AMD Turion II Ultra M640
  • AMD Turion II Ultra M620
  • AMD Turion II Ultra M600
  • AMD Turion II M560
  • AMD Turion II M540
  • AMD Turion II M520
  • AMD Turion II M500
  • AMD Athlon II M360
  • AMD Athlon II M340
  • AMD Athlon II M320
  • AMD Athlon II M300
  • AMD Sempron M140
  • AMD Sempron M120
  • AMD Sempron M100

AMD Conesus (2009)

  • AMD Athlon Neo X2 L510
  • AMD Athlon Neo X2 L335
  • AMD Athlon Neo X2 L325

AMD Sherman (2009)

  • AMD Athlon Neo TF-20

AMD Huron (2009)

  • AMD Athlon Neo MV-40
  • AMD Sempron 210U
  • AMD Sempron 200U

AMD Sable (2008)

  • AMD Sempron SI-42
  • AMD Sempron SI-40

AMD Sherman (2007)

  • AMD Mobile Sempron 4000+
  • AMD Mobile Sempron 3800+
  • AMD Mobile Sempron 3700+
  • AMD Mobile Sempron 3600+
  • AMD Sempron 2100+ fanless

AMD Keene (2006)

  • AMD Mobile Sempron 3600+
  • AMD Mobile Sempron 3500+
  • AMD Mobile Sempron 3400+
  • AMD Mobile Sempron 3200+

AMD Newark (2005)

  • AMD Mobile Athlon 64 4000+
  • AMD Mobile Athlon 64 3700+
  • AMD Mobile Athlon 64 3400+
  • AMD Mobile Athlon 64 3200+
  • AMD Mobile Athlon 64 3000+

AMD Albany (2005)

  • AMD Mobile Sempron 3600+
  • AMD Mobile Sempron 3400+
  • AMD Mobile Sempron 3300+
  • AMD Mobile Sempron 3100+
  • AMD Mobile Sempron 3000+

AMD Roma (2005)

  • AMD Mobile Sempron 3400+
  • AMD Mobile Sempron 3300+
  • AMD Mobile Sempron 3100+
  • AMD Mobile Sempron 3000+
  • AMD Mobile Sempron 2800+

AMD Oakville (2004)

  • AMD Mobile Athlon 64 3000+
  • AMD Mobile Athlon 64 2800+
  • AMD Mobile Athlon 64 2700+

AMD Georgetown (2004)

  • AMD Mobile Sempron 3300+
  • AMD Mobile Sempron 3100+
  • AMD Mobile Sempron 3000+
  • AMD Mobile Sempron 2800+
  • AMD Mobile Sempron 2600+

AMD Sonora (2004)

  • AMD Mobile Sempron 3100+
  • AMD Mobile Sempron 3000+
  • AMD Mobile Sempron 2800+
  • AMD Mobile Sempron 2600+

AMD Dublin (2004)

  • AMD Mobile Sempron 3000+
  • AMD Mobile Sempron 2800+
  • AMD Mobile Sempron 2600+

AMD Odessa (2004)

  • AMD Mobile Athlon 64 3000+
  • AMD Mobile Athlon 64 2800+
  • AMD Mobile Athlon 64 2700+

AMD Clawhammer (2004)

  • AMD Mobile Athlon 64 3700+
  • AMD Mobile Athlon 64 3400+
  • AMD Mobile Athlon 64 3200+
  • AMD Mobile Athlon 64 3000+
  • AMD Mobile Athlon 64 2800+
  • AMD Mobile Athlon 64 2700+

Next Page > Apple, ARM & Intel CPUs Vulnerable To Meltdown & Spectre

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


The Apple CPUs Vulnerable To Meltdown / Spectre

Apple makes custom processors based on the ARM microarchitecture. They have not released specific information on which of their processors are affected by which exploit, but this is what we know so far.

Affected Variants : Apple only issued a general notice that their processors are affected by both Meltdown and Spectre, not the specific variants.

  • Apple A4
  • Apple A5
  • Apple A5X
  • Apple A6
  • Apple A6X
  • Apple A7
  • Apple A8
  • Apple A8X
  • Apple A9
  • Apple A9X
  • Apple A10 Fusion
  • Apple A10X Fusion
  • Apple A11 Bionic

Vulnerable iOS or tvOS Devices : Apple was vague about the iOS devices that were affected, but based on the affected CPU cores, here are the iOS devices that are vulnerable to Meltdown and Spectre :

  • Apple iPad, iPad 2, iPad 3, iPad 4
  • Apple iPad Air, iPad Air 2
  • Apple iPad Mini, iPad Mini 2, iPad Mini 3
  • Apple iPad Pro (9.7″, 10.5″ and 12.9″)
  • Apple iPhone 4, iPhone 4S, iPhone 5, iPhone 5C, iPhone 5S, iPhone 6, iPhone 6 Plus, iPhone 6S, iPhone 6S Plus, iPhone SE, iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X
  • Apple iPod Touch 4th Generation, iPod Touch 5th Generation, iPod Touch 6th Generation
  • Apple TV 2nd Generation, 3rd Generation, 4th Generation and 5th Generation

 

The ARM CPUs Vulnerable To Meltdown / Spectre

ARM CPUs Vulnerable To All Three Variants

Affected Variants : Variants 1 and 2, and either Variant 3 or Variant 3a, of the speculative execution CPU bug. They are vulnerable to Meltdown and both variants of Spectre.

  • ARM Cortex-A75
  • ARM Cortex-A72
  • ARM Cortex-A57
  • ARM Cortex-A15

Mobile SoCs Using These ARM CPUs (Not Exhaustive)

  • HiSilicon Kirin 955
  • HiSilicon Kirin 950
  • HiSilicon Kirin 928
  • HiSilicon Kirin 925
  • HiSilicon Kirin 920
  • MediaTek Helio X27 (MT6797X)
  • MediaTek Helio X25 (MT6797T)
  • MediaTek Helio X23 (MT6707D)
  • MediaTek Helio X20 (MT6797)
  • MediaTek MT8173
  • MediaTek MT8135 / MT8135V
  • MediaTek MT6795
  • NVIDIA Tegra X2
  • NVIDIA Tegra X1
  • NVIDIA Tegra K1
  • NVIDIA Tegra 4
  • Qualcomm Snapdragon 845
  • Qualcomm Snapdragon 810 / 808
  • Qualcomm Snapdragon 670
  • Qualcomm Snapdragon 653 / 652 / 650
  • Qualcomm Snapdragon 640
  • Samsung Exynos 7420
  • Samsung Exynos 5800
  • Samsung Exynos 5433
  • Samsung Exynos 5422 / 5420
  • Samsung Exynos 5410
  • Samsung Exynos 5260
  • Samsung Exynos 5250
  • Samsung Exynos 5 Dual (Exynos 5250)

AMD Server SoCs Using These ARM CPUs

  • AMD Opteron A1170
  • AMD Opteron A1150
  • AMD Opteron A1120

NVIDIA Devices Using These ARM CPUs (Not Exhaustive)

  • NVIDIA SHIELD TV (ARM Cortex-A57)
  • NVIDIA SHIELD Tablet (ARM Cortex-A15)
  • NVIDIA Jetson TX2 (ARM Cortex-A57)
  • NVIDIA Jetson TX1 (ARM Cortex-A57)
  • NVIDIA Jetson TK1 (ARM Cortex-A15)
  • NVIDIA Jetson Tegra K1 (ARM Cortex-A15)

Digital TV / Media Player SoCs Using These ARM CPUs (Not Exhaustive)

  • Rockchip RK3399

Industrial SoCs Using These ARM CPUs (Not Exhaustive)

  • Texas Instruments Sitara AM5728
  • Texas Instruments Sitara AM5726
  • Texas Instruments Sitara AM5718
  • Texas Instruments Sitara AM5716
  • Texas Instruments Sitara AM5708
  • Texas Instruments Sitara AM5706
  • Texas Instruments Sitara AM5K2E04
  • Texas Instruments Sitara AM5K2E02

 

ARM CPUs Vulnerable To Only Spectre 1 & 2

Affected Variant : Variants 1 and 2 of the speculative execution CPU bug. They are not vulnerable to Meltdown.

  • ARM Cortex-A73
  • ARM Cortex-A17
  • ARM Cortex-A12
  • ARM Cortex-A9
  • ARM Cortex-A8
  • ARM Cortex-R8
  • ARM Cortex-R7

Mobile SoCs Using These ARM CPUs (Not Exhaustive)

  • HiSilicon Kirin 970
  • HiSilicon Kirin 960
  • HiSilicon Kirin 910 / 910T
  • HiSilicon K3V2 / K3V2E
  • MediaTek Helio P70
  • MediaTek Helio P40
  • MediaTek Helio X30 (MT6799)
  • MediaTek MT8377
  • MediaTek MT8317 / MT8317T
  • MediaTek MT6595 / MT6595M / MT6595 Turbo
  • MediaTek MT6577 / MT6577T
  • MediaTek MT6575 / MT6575M
  • MediaTek MT6517 / MT6517T
  • MediaTek MT6515
  • NVIDIA Tegra 4i
  • NVIDIA Tegra 3
  • NVIDIA Tegra 2
  • Qualcomm Snapdragon 835
  • Qualcomm Snapdragon 653
  • Samsung Exynos 9610
  • Samsung Exynos 7885
  • Samsung Exynos 7872
  • Samsung Exynos 4415 / 4412
  • Samsung Exynos 4212 / 4210
  • Samsung Exynos 3110

Tablet SoCs Using These ARM CPUs (Not Exhaustive)

  • Amlogic AML8726-M / M3
  • Amlogic AML8726-M6 / Amlogic MX
  • Amlogic M802
  • Amlogic M801

Digital TV / Media Player SoCs Using These ARM CPUs (Not Exhaustive)

  • Amlogic S812
  • Amlogic S802
  • MediaTek MT5595
  • MediaTek MT5580
  • MediaTek MT5505
  • MediaTek MT5398
  • Panasonic UniPhier MN2WS0220
  • Rockchip RK3288
  • Rockchip RK3188 / RK3188T / RK3168
  • Rockchip RK3066
  • Rockchip RK2928 / RK2926 / RK2918 / RK2906
  • Rockchip RK2818

Industrial SoCs Using These ARM CPUs (Not Exhaustive)

  • Texas Instruments Sitara AMIC120
  • Texas Instruments Sitara AMIC110
  • Texas Instruments Sitara AM4388
  • Texas Instruments Sitara AM4384
  • Texas Instruments Sitara AM4382
  • Texas Instruments Sitara AM4379
  • Texas Instruments Sitara AM4378
  • Texas Instruments Sitara AM4377
  • Texas Instruments Sitara AM4376
  • Texas Instruments Sitara AM4372
  • Texas Instruments Sitara AM3894
  • Texas Instruments Sitara AM3892
  • Texas Instruments Sitara AM3874
  • Texas Instruments Sitara AM3871
  • Texas Instruments Sitara AM3715
  • Texas Instruments Sitara AM3703
  • Texas Instruments Sitara AM3517
  • Texas Instruments Sitara AM3505
  • Texas Instruments Sitara AM3359
  • Texas Instruments Sitara AM3358 / AM3358-EP
  • Texas Instruments Sitara AM3357
  • Texas Instruments Sitara AM3356
  • Texas Instruments Sitara AM3354
  • Texas Instruments Sitara AM3352
  • Texas Instruments Sitara AM3351
  • Texas Instruments Sitara AM1810
  • Texas Instruments Sitara AM1808
  • Texas Instruments Sitara AM1806
  • Texas Instruments Sitara AM1802
  • Texas Instruments Sitara AM1707
  • Texas Instruments Sitara AM1705
  • Texas Instruments Sitara OMAP3515
  • Texas Instruments Sitara OMAP3503 / OMAP3503-HIREL

Embedded Computers Using These ARM CPUs (Not Exhaustive)

  • VIA VAB-1000
  • VIA VAB-820 / VAB-800
  • VIA VAB-630 / VAB-600
  • VIA ALTA DS
  • VIA QSM-8Q60
  • VIA SOM-6X50
  • VIA VTS-8589

 

IBM POWER CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These IBM POWER CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

  • IBM POWER4
  • IBM POWER4+
  • IBM POWER5
  • IBM POWER5+
  • IBM POWER6
  • IBM POWER6+
  • IBM POWER7
  • IBM POWER7+
  • IBM POWER8
    – including IBM Murano, IBM Turismo, PowerCore CP1
  • IBM POWER8 with NVLink / POWER8+
  • IBM POWER9
    – IBM Nimbus, IBM Cumulus

 

IBM z/Architecture CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These IBM z/Architecture CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

  • IBM z14
  • IBM z13
  • IBM zEC12
  • IBM z196
  • IBM z10

[adrotate group=”1″]

 

Intel UMPC / Smartphone SoCs Vulnerable To Meltdown + Spectre

Affected Variants : These Intel SoCs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

Intel Apollo Lake (2016)

  • Intel Atom x7-E3950
  • Intel Atom x7-E3940
  • Intel Atom x7-E3930

Intel Braswell (2016)

  • Intel Atom x5-E8000

Intel Cherry Trail-T (2015)

  • Intel Atom X7-Z8750
  • Intel Atom X7-Z8700
  • Intel Atom X7-Z8550
  • Intel Atom X7-Z8500
  • Intel Atom X7-Z8350
  • Intel Atom X7-Z8330
  • Intel Atom X7-Z8300

Intel SoFIA (2015)

  • Intel Atom x3-C3445
  • Intel Atom x3-C3405
  • Intel Atom x3-C3400
  • Intel Atom x3-C3295RK
  • Intel Atom x3-C3265RK
  • Intel Atom x3-C3235RK
  • Intel Atom x3-C3230RK
  • Intel Atom x3-C3205RK
  • Intel Atom x3-C3200RK
  • Intel Atom x3-C3130

Intel Moorefield (2014)

  • Intel Atom Z3590
  • Intel Atom Z3580
  • Intel Atom Z3570
  • Intel Atom Z3560
  • Intel Atom Z3530

Intel Merrifield (2014)

  • Intel Atom Z3480
  • Intel Atom Z3460

Intel Bay Trail-T (2013)

  • Intel Atom Z3795
  • Intel Atom Z3785
  • Intel Atom Z3775
  • Intel Atom Z3775D
  • Intel Atom Z3770
  • Intel Atom Z3770D
  • Intel Atom Z3745
  • Intel Atom Z3745D
  • Intel Atom Z3740
  • Intel Atom Z3740D
  • Intel Atom Z3736F
  • Intel Atom Z3736G
  • Intel Atom Z3735D
  • Intel Atom Z3735E
  • Intel Atom Z3735F
  • Intel Atom Z3735G
  • Intel Atom Z3680
  • Intel Atom Z3680D

Intel Bay Trail-I (2013)

  • Intel Atom E3845
  • Intel Atom E3827
  • Intel Atom E3826
  • Intel Atom E3825
  • Intel Atom E3815
  • Intel Atom E3805

Next Page > Intel Server / Workstation CPUs Vulnerable To Meltdown + Spectre

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Intel Server / Workstation CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These Intel CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

Intel Knights Mill (2017)

  • Intel Xeon Phi 7295
  • Intel Xeon Phi 7285
  • Intel Xeon Phi 7235

Intel Skylake-W (2017)

  • Intel Xeon W-2195
  • Intel Xeon W-2175
  • Intel Xeon W-2155
  • Intel Xeon W-2150B
  • Intel Xeon W-2145
  • Intel Xeon W-2140B
  • Intel Xeon W-2135
  • Intel Xeon W-2133
  • Intel Xeon W-2125
  • Intel Xeon W-2123
  • Intel Xeon W-2104
  • Intel Xeon W-2102

Intel Skylake-SP (2017)

  • Intel Xeon Platinum 8180
  • Intel Xeon Platinum 8180M
  • Intel Xeon Platinum 8176
  • Intel Xeon Platinum 8176F
  • Intel Xeon Platinum 8176M
  • Intel Xeon Platinum 8173M
  • Intel Xeon Platinum 8170
  • Intel Xeon Platinum 8170M
  • Intel Xeon Platinum 8168
  • Intel Xeon Platinum 8167M
  • Intel Xeon Platinum 8164
  • Intel Xeon Platinum 8163
  • Intel Xeon Platinum 8160
  • Intel Xeon Platinum 8160F
  • Intel Xeon Platinum 8160M
  • Intel Xeon Platinum 8160T
  • Intel Xeon Platinum 8158
  • Intel Xeon Platinum 8156
  • Intel Xeon Platinum 8153
  • Intel Xeon Gold 6161
  • Intel Xeon Gold 6154
  • Intel Xeon Gold 6152
  • Intel Xeon Gold 6150
  • Intel Xeon Gold 6149
  • Intel Xeon Gold 6148
  • Intel Xeon Gold 6148F
  • Intel Xeon Gold 6146
  • Intel Xeon Gold 6145
  • Intel Xeon Gold 6144
  • Intel Xeon Gold 6142
  • Intel Xeon Gold 6142F
  • Intel Xeon Gold 6142M
  • Intel Xeon Gold 6140
  • Intel Xeon Gold 6140M
  • Intel Xeon Gold 6138
  • Intel Xeon Gold 6138F
  • Intel Xeon Gold 6138T
  • Intel Xeon Gold 6136
  • Intel Xeon Gold 6134
  • Intel Xeon Gold 6134M
  • Intel Xeon Gold 6132
  • Intel Xeon Gold 6130
  • Intel Xeon Gold 6130F
  • Intel Xeon Gold 6130T
  • Intel Xeon Gold 6128
  • Intel Xeon Gold 6126
  • Intel Xeon Gold 6126F
  • Intel Xeon Gold 6126T
  • Intel Xeon Gold 6122
  • Intel Xeon Gold 6120
  • Intel Xeon Gold 6120T
  • Intel Xeon Gold 6119T
  • Intel Xeon Gold 6118
  • Intel Xeon Gold 6117
  • Intel Xeon Gold 6117F
  • Intel Xeon Gold 6115
  • Intel Xeon Silver 4116
  • Intel Xeon Silver 4116T
  • Intel Xeon Silver 4114
  • Intel Xeon Silver 4114T
  • Intel Xeon Silver 4112
  • Intel Xeon Silver 4110
  • Intel Xeon Silver 4109T
  • Intel Xeon Silver 4108
  • Intel Xeon Bronze 3106
  • Intel Xeon Bronze 3104

Intel Denverton (2017)

  • Intel Atom C3958
  • Intel Atom C3955
  • Intel Atom C3950
  • Intel Atom C3855
  • Intel Atom C3850
  • Intel Atom C3830
  • Intel Atom C3808
  • Intel Atom C3758
  • Intel Atom C3750
  • Intel Atom C3708
  • Intel Atom C3558
  • Intel Atom C3538
  • Intel Atom C3508
  • Intel Atom C3338
  • Intel Atom C3308

Intel Kaby Lake-DT (2017)

  • Intel Xeon E3-1285 v6
  • Intel Xeon E3-1280 v6
  • Intel Xeon E3-1275 v6
  • Intel Xeon E3-1270 v6
  • Intel Xeon E3-1245 v6
  • Intel Xeon E3-1240 v6
  • Intel Xeon E3-1230 v6
  • Intel Xeon E3-1225 v6
  • Intel Xeon E3-1220 v6

Intel Kaby Lake-H (2017)

  • Intel Xeon E3-1535M
  • Intel Xeon E3-1505M
  • Intel Xeon E3-1505L
  • Intel Xeon E3-1501L
  • Intel Xeon E3-1501M

Intel Knights Landing (2016)

  • Intel Xeon Phi 7290F
  • Intel Xeon Phi 7290
  • Intel Xeon Phi 7250F
  • Intel Xeon Phi 7250
  • Intel Xeon Phi 7230F
  • Intel Xeon Phi 7230
  • Intel Xeon Phi 7210F
  • Intel Xeon Phi 7210

Intel Skylake-H (2016)

  • Intel Xeon E3-1585 v5
  • Intel Xeon E3-1585L v5
  • Intel Xeon E3-1578L v5
  • Intel Xeon E3-1575M v5
  • Intel Xeon E3-1565L v5
  • Intel Xeon E3-1558L v5
  • Intel Xeon E3-1545M v5
  • Intel Xeon E3-1535M v5
  • Intel Xeon E3-1515M v5
  • Intel Xeon E3-1505M v5
  • Intel Xeon E3-1505L v5

Intel Broadwell-EX (2016)

  • Intel E7-8894 v4
  • Intel E7-8893 v4
  • Intel E7-8891 v4
  • Intel E7-8890 v4
  • Intel E7-8880 v4
  • Intel E7-8870 v4
  • Intel E7-8867 v4
  • Intel E7-8860 v4
  • Intel E7-8855 v4
  • Intel E7-4850 v4
  • Intel E7-4830 v4
  • Intel E7-4820 v4
  • Intel E7-4809 v4

Intel Broadwell-EP (2016)

  • Intel Xeon E5-4669 v4
  • Intel Xeon E5-4667 v4
  • Intel Xeon E5-4660 v4
  • Intel Xeon E5-4650 v4
  • Intel Xeon E5-4640 v4
  • Intel Xeon E5-4628L v4
  • Intel Xeon E5-4627 v4
  • Intel Xeon E5-4620 v4
  • Intel Xeon E5-4610 v4
  • Intel Xeon E5-2699 v4
  • Intel Xeon E5-2699A v4
  • Intel Xeon E5-2699C v4
  • Intel Xeon E5-2699P v4
  • Intel Xeon E5-2699R v4
  • Intel Xeon E5-2698 v4
  • Intel Xeon E5-2697 v4
  • Intel Xeon E5-2697A v4
  • Intel Xeon E5-2696 v4
  • Intel Xeon E5-2695 v4
  • Intel Xeon E5-2690 v4
  • Intel Xeon E5-2689 v4
  • Intel Xeon E5-2689A v4
  • Intel Xeon E5-2687W v4
  • Intel Xeon E5-2686 v4
  • Intel Xeon E5-2683 v4
  • Intel Xeon E5-2682 v4
  • Intel Xeon E5-2680 v4
  • Intel Xeon E5-2679 v4
  • Intel Xeon E5-2676 v4
  • Intel Xeon E5-2676 v4
  • Intel Xeon AWS-1100 v4
  • Intel Xeon E5-2667 v4
  • Intel Xeon E5-2666 v4
  • Intel Xeon E5-2660 v4
  • Intel Xeon E5-2658 v4
  • Intel Xeon E5-2650 v4
  • Intel Xeon E5-2650L v4
  • Intel Xeon E5-2648L v4
  • Intel Xeon E5-2643 v4
  • Intel Xeon E5-2640 v4
  • Intel Xeon E5-2637 v4
  • Intel Xeon E5-2630 v4
  • Intel Xeon E5-2630L v4
  • Intel Xeon E5-2628L v4
  • Intel Xeon E5-2623 v4
  • Intel Xeon E5-2620 v4
  • Intel Xeon E5-2618L v4
  • Intel Xeon E5-2609 v4
  • Intel Xeon E5-2608L v4
  • Intel Xeon E5-2607 v4
  • Intel Xeon E5-2603 v4
  • Intel Xeon E5-1680 v4
  • Intel Xeon E5-1660 v4
  • Intel Xeon E5-1650 v4
  • Intel Xeon E5-1630 v4
  • Intel Xeon E5-1620 v4
  • Intel Xeon E5-1607 v4
  • Intel Xeon E5-1603 v4

Intel Skylake-DT (2015)

  • Intel Xeon E5-1280 v5
  • Intel Xeon E5-1275 v5
  • Intel Xeon E5-1270 v5
  • Intel Xeon E5-1268L v5
  • Intel Xeon E5-1260L v5
  • Intel Xeon E5-1245 v5
  • Intel Xeon E5-1240 v5
  • Intel Xeon E5-1240L v5
  • Intel Xeon E5-1235L v5
  • Intel Xeon E5-1230 v5
  • Intel Xeon E5-1225 v5
  • Intel Xeon E5-1220 v5

Intel Broadwell-H (2015)

  • Intel Xeon E3-1285 v4
  • Intel Xeon E3-1285L v4
  • Intel Xeon E3-1284L v4
  • Intel Xeon E3-1278L v4
  • Intel Xeon E3-1270L v4
  • Intel Xeon E3-1265L v4
  • Intel Xeon E3-1258L v4

Intel Broadwell-DE (2015)

  • Intel Xeon D-1587
  • Intel Xeon D-1581
  • Intel Xeon D-1577
  • Intel Xeon D-1571
  • Intel Xeon D-1567
  • Intel Xeon D-1559
  • Intel Xeon D-1557
  • Intel Xeon D-1553N
  • Intel Xeon D-1548
  • Intel Xeon D-1543N
  • Intel Xeon D-1541
  • Intel Xeon D-1540
  • Intel Xeon D-1539
  • Intel Xeon D-1537
  • Intel Xeon D-1533N
  • Intel Xeon D-1531
  • Intel Xeon D-1529
  • Intel Xeon D-1528
  • Intel Xeon D-1527
  • Intel Xeon D-1523N
  • Intel Xeon D-1521
  • Intel Xeon D-1520
  • Intel Xeon D-1518
  • Intel Xeon D-1513N
  • Intel Pentium D1519
  • Intel Pentium D1517
  • Intel Pentium D1509
  • Intel Pentium D1508
  • Intel Pentium D1507

Intel Haswell-EX (2015)

  • Intel Xeon E7-8895 v3
  • Intel Xeon E7-8893 v3
  • Intel Xeon E7-8891 v3
  • Intel Xeon E7-8890 v3
  • Intel Xeon E7-8880 v3
  • Intel Xeon E7-8880L v3
  • Intel Xeon E7-8870 v3
  • Intel Xeon E7-8867 v3
  • Intel Xeon E7-8860 v3
  • Intel Xeon E7-4850 v3
  • Intel Xeon E7-4830 v3
  • Intel Xeon E7-4820 v3
  • Intel Xeon E7-4809 v3

Intel Haswell-EN (2015)

  • Intel Xeon E5-2438L v3
  • Intel Xeon E5-2428L v3
  • Intel Xeon E5-2418L v3
  • Intel Xeon E5-2408L v3
  • Intel Xeon E5-1428L v3

Intel Haswell-EP (2014)

  • Intel Xeon E5-4669 v3
  • Intel Xeon E5-4667 v3
  • Intel Xeon E5-4660 v3
  • Intel Xeon E5-4655 v3
  • Intel Xeon E5-4650 v3
  • Intel Xeon E5-4648 v3
  • Intel Xeon E5-4640 v3
  • Intel Xeon E5-4627 v3
  • Intel Xeon E5-4620 v3
  • Intel Xeon E5-4610 v3
  • Intel Xeon E5-2699 v3
  • Intel Xeon E5-2698 v3
  • Intel Xeon E5-2698A v3
  • Intel Xeon E5-2698B v3
  • Intel Xeon E5-2697 v3
  • Intel Xeon E5-2696 v3
  • Intel Xeon E5-2695 v3
  • Intel Xeon E5-2693 v3
  • Intel Xeon E5-2692 v3
  • Intel Xeon E5-2695 v3
  • Intel Xeon E5-2690 v3
  • Intel Xeon E5-2687W v3
  • Intel Xeon E5-2685 v3
  • Intel Xeon E5-2683 v3
  • Intel Xeon E5-2680 v3
  • Intel Xeon E5-2678 v3
  • Intel Xeon E5-2676 v3
  • Intel Xeon E5-2675 v3
  • Intel Xeon E5-2673 v3
  • Intel Xeon E5-2670 v3
  • Intel Xeon E5-2669 v3
  • Intel Xeon E5-2667 v3
  • Intel Xeon E5-2666 v3
  • Intel Xeon E5-2663 v3
  • Intel Xeon E5-2660 v3
  • Intel Xeon E5-2658 v3
  • Intel Xeon E5-2658A v3
  • Intel Xeon E5-2652 v3
  • Intel Xeon E5-2650 v3
  • Intel Xeon E5-2650L v3
  • Intel Xeon E5-2649 v3
  • Intel Xeon E5-2643 v3
  • Intel Xeon E5-2640 v3
  • Intel Xeon E5-2648L v3
  • Intel Xeon E5-2637 v3
  • Intel Xeon E5-2630 v3
  • Intel Xeon E5-2630L v3
  • Intel Xeon E5-2629 v3
  • Intel Xeon E5-2628 v3
  • Intel Xeon E5-2628L v3
  • Intel Xeon E5-2623 v3
  • Intel Xeon E5-2622 v3
  • Intel Xeon E5-2620 v3
  • Intel Xeon E5-2618L v3
  • Intel Xeon E5-2609 v3
  • Intel Xeon E5-2608L v3
  • Intel Xeon E5-2603 v3
  • Intel Xeon E5-1691 v3
  • Intel Xeon E5-1686 v3
  • Intel Xeon E5-1681 v3
  • Intel Xeon E5-1680 v3
  • Intel Xeon E5-1660 v3
  • Intel Xeon E5-1650 v3
  • Intel Xeon E5-1630 v3
  • Intel Xeon E5-1620 v3
  • Intel Xeon E5-1607 v3
  • Intel Xeon E5-1603 v3

Intel Ivy Bridge-EN (2014)

  • Intel Xeon E5-2470 v2
  • Intel Xeon E5-2450 v2
  • Intel Xeon E5-2450L v2
  • Intel Xeon E5-2448L v2
  • Intel Xeon E5-2440 v2
  • Intel Xeon E5-2430 v2
  • Intel Xeon E5-2430L v2
  • Intel Xeon E5-2428L v2
  • Intel Xeon E5-2420 v2
  • Intel Xeon E5-2418L v2
  • Intel Xeon E5-2407 v2
  • Intel Xeon E5-2403 v2
  • Intel Xeon E5-1428L v2
  • Intel Xeon E5-1410 v2

Intel Ivy Bridge-EX (2014)

  • Intel Xeon E7-8895 v2
  • Intel Xeon E7-8893 v2
  • Intel Xeon E7-8891 v2
  • Intel Xeon E7-8890 v2
  • Intel Xeon E7-8880 v2
  • Intel Xeon E7-8880L v2
  • Intel Xeon E7-8870 v2
  • Intel Xeon E7-8857 v2
  • Intel Xeon E7-8850 v2
  • Intel Xeon E7-4890 v2
  • Intel Xeon E7-4880 v2
  • Intel Xeon E7-4870 v2
  • Intel Xeon E7-4860 v2
  • Intel Xeon E7-4850 v2
  • Intel Xeon E7-4830 v2
  • Intel Xeon E7-4820 v2
  • Intel Xeon E7-4809 v2
  • Intel Xeon E7-2890 v2
  • Intel Xeon E7-2880 v2
  • Intel Xeon E7-2870 v2
  • Intel Xeon E7-2850 v2

[adrotate group=”1″]

Intel Rangeley (2013)

  • Intel Atom C2758
  • Intel Atom C2738
  • Intel Atom C2718
  • Intel Atom C2558
  • Intel Atom C2538
  • Intel Atom C2518
  • Intel Atom C2516
  • Intel Atom C2508
  • Intel Atom C2358
  • Intel Atom C2338
  • Intel Atom C2316
  • Intel Atom C2308

Intel Avoton (2013)

  • Intel Atom C2750
  • Intel Atom C2730
  • Intel Atom C2550
  • Intel Atom C2530
  • Intel Atom C2350

Intel Haswell-WS (2013)

  • Intel Xeon E3-1286 v3
  • Intel Xeon E3-1286L v3
  • Intel Xeon E3-1285 v3
  • Intel Xeon E3-1285L v3
  • Intel Xeon E3-1284L v3
  • Intel Xeon E3-1281 v3
  • Intel Xeon E3-1280 v3
  • Intel Xeon E3-1276 v3
  • Intel Xeon E3-1275 v3
  • Intel Xeon E3-1275L v3
  • Intel Xeon E3-1271 v3
  • Intel Xeon E3-1270 v3
  • Intel Xeon E3-1268L v3
  • Intel Xeon E3-1265L v3
  • Intel Xeon E3-1246 v3
  • Intel Xeon E3-1245 v3
  • Intel Xeon E3-1241 v3
  • Intel Xeon E3-1240 v3
  • Intel Xeon E3-1240L v3
  • Intel Xeon E3-1230L v3
  • Intel Xeon E3-1231 v3
  • Intel Xeon E3-1230 v3
  • Intel Xeon E3-1226 v3
  • Intel Xeon E3-1225 v3
  • Intel Xeon E3-1220 v3
  • Intel Xeon E3-1220L v3

Intel Ivy Bridge-EP (2013)

  • Intel Xeon E5-4657L v2
  • Intel Xeon E5-4650 v2
  • Intel Xeon E5-4640 v2
  • Intel Xeon E5-4627 v2
  • Intel Xeon E5-4624L v2
  • Intel Xeon E5-4620 v2
  • Intel Xeon E5-4610 v2
  • Intel Xeon E5-4607 v2
  • Intel Xeon E5-4603 v2
  • Intel Xeon E5-2697 v2
  • Intel Xeon E5-2696 v2
  • Intel Xeon E5-2695 v2
  • Intel Xeon E5-2692 v2
  • Intel Xeon E5-2690 v2
  • Intel Xeon E5-2687W v2
  • Intel Xeon E5-2680 v2
  • Intel Xeon E5-2673 v2
  • Intel Xeon E5-2670 v2
  • Intel Xeon E5-2667 v2
  • Intel Xeon E5-2660 v2
  • Intel Xeon E5-2658 v2
  • Intel Xeon E5-2651 v2
  • Intel Xeon E5-2650 v2
  • Intel Xeon E5-2650L v2
  • Intel Xeon E5-2648L v2
  • Intel Xeon E5-2643 v2
  • Intel Xeon E5-2640 v2
  • Intel Xeon E5-2637 v2
  • Intel Xeon E5-2630 v2
  • Intel Xeon E5-2630L v2
  • Intel Xeon E5-2628L v2
  • Intel Xeon E5-2620 v2
  • Intel Xeon E5-2618L v2
  • Intel Xeon E5-2609 v2
  • Intel Xeon E5-2603 v2
  • Intel Xeon E5-1680 v2
  • Intel Xeon E5-1660 v2
  • Intel Xeon E5-1650 v2
  • Intel Xeon E5-1620 v2
  • Intel Xeon E5-1607 v2

Intel Gladden – Ivy Bridge (2013)

  • Intel Xeon E3-1135C v2
  • Intel Xeon E3-1125C v2
  • Intel Xeon E3-1105C v2

Intel Ivy Bridge (2012)

  • Intel Xeon E-1290 v2
  • Intel Xeon E-1280 v2
  • Intel Xeon E-1275 v2
  • Intel Xeon E-1270 v2
  • Intel Xeon E-1265L v2
  • Intel Xeon E-1245 v2
  • Intel Xeon E-1240 v2
  • Intel Xeon E-1230 v2
  • Intel Xeon E-1225 v2
  • Intel Xeon E-1220 v2
  • Intel Xeon E-1220L v2
  • Intel Pentium 1405 v2
  • Intel Pentium 1403 v2

Intel Sandy Bridge-EP (2012)

  • Intel Xeon E5-4650
  • Intel Xeon E5-4650L
  • Intel Xeon E5-4640
  • Intel Xeon E5-4620
  • Intel Xeon E5-4617
  • Intel Xeon E5-4610
  • Intel Xeon E5-4607
  • Intel Xeon E5-4603
  • Intel Xeon E5-2690
  • Intel Xeon E5-2689
  • Intel Xeon E5-2687W
  • Intel Xeon E5-2680
  • Intel Xeon E5-2670
  • Intel Xeon E5-2667
  • Intel Xeon E5-2665
  • Intel Xeon E5-2660
  • Intel Xeon E5-2658
  • Intel Xeon E5-2650
  • Intel Xeon E5-2650L
  • Intel Xeon E5-2648L
  • Intel Xeon E5-2643
  • Intel Xeon E5-2640
  • Intel Xeon E5-2637
  • Intel Xeon E5-2630
  • Intel Xeon E5-2630L
  • Intel Xeon E5-2628L
  • Intel Xeon E5-2620
  • Intel Xeon E5-2618L
  • Intel Xeon E5-2609
  • Intel Xeon E5-2603
  • Intel Xeon E5-1660
  • Intel Xeon E5-1650
  • Intel Xeon E5-1620
  • Intel Xeon E5-1607
  • Intel Xeon E5-1603

Intel Sandy Bridge-EN (2012)

  • Intel Xeon E5-2470
  • Intel Xeon E5-2450
  • Intel Xeon E5-2450L
  • Intel Xeon E5-2449L
  • Intel Xeon E5-2448L
  • Intel Xeon E5-2440
  • Intel Xeon E5-2430
  • Intel Xeon E5-2430L
  • Intel Xeon E5-2428L
  • Intel Xeon E5-2420
  • Intel Xeon E5-2418L
  • Intel Xeon E5-2407
  • Intel Xeon E5-2403
  • Intel Xeon E5-1428L
  • Intel Xeon E5-1410

Intel Gladden – Sandy Bridge (2012)

  • Intel Xeon E3-1125C
  • Intel Xeon E3-1105C

Intel Sandy Bridge (2011)

  • Intel Xeon E3-1290
  • Intel Xeon E3-1280
  • Intel Xeon E3-1275
  • Intel Xeon E3-1270
  • Intel Xeon E3-1260L
  • Intel Xeon E3-1245
  • Intel Xeon E3-1240
  • Intel Xeon E3-1235
  • Intel Xeon E3-1230
  • Intel Xeon E3-1225
  • Intel Xeon E3-1220
  • Intel Xeon E3-1220L
  • Intel Pentium 1407
  • Intel Pentium 1405
  • Intel Pentium 1403
  • Intel Pentium 350

Intel Westmere-EX (2011)

  • Intel Xeon E7-8870
  • Intel Xeon E7-8867L
  • Intel Xeon E7-8860
  • Intel Xeon E7-8850
  • Intel Xeon E7-8837
  • Intel Xeon E7-8830
  • Intel Xeon E7-4870
  • Intel Xeon E7-4860
  • Intel Xeon E7-4850
  • Intel Xeon E7-4830
  • Intel Xeon E7-4820
  • Intel Xeon E7-4807
  • Intel Xeon E7-2870
  • Intel Xeon E7-2860
  • Intel Xeon E7-2850
  • Intel Xeon E7-2830
  • Intel Xeon E7-2820
  • Intel Xeon E7-2803

Intel Gulftown (2010)

  • Intel Xeon W3690
  • Intel Xeon W3580
  • Intel Xeon W3570

Intel Clarksdale (2010)

  • Intel Xeon L3406
  • Intel Xeon L3403

Intel Jasper Forest (2010)

  • Intel Xeon EC5549
  • Intel Xeon EC5539
  • Intel Xeon EC5509
  • Intel Xeon LC5528
  • Intel Xeon LC5518
  • Intel Xeon EC3539
  • Intel Xeon LC3528
  • Intel Xeon LC3518

Intel Beckton (2010)

  • Intel Xeon X7560
  • Intel Xeon L7555
  • Intel Xeon X7550
  • Intel Xeon L7545
  • Intel Xeon X7542
  • Intel Xeon E7540
  • Intel Xeon E7530
  • Intel Xeon E7520
  • Intel Xeon X6550
  • Intel Xeon E6540
  • Intel Xeon E6510

Intel Westmere-EP (2010)

  • Intel Xeon X5698
  • Intel Xeon X5690
  • Intel Xeon X5687
  • Intel Xeon X5680
  • Intel Xeon X5679
  • Intel Xeon X5677
  • Intel Xeon X5675
  • Intel Xeon X5672
  • Intel Xeon X5670
  • Intel Xeon X5667
  • Intel Xeon X5660
  • Intel Xeon X5650
  • Intel Xeon E5649
  • Intel Xeon X5647
  • Intel Xeon E5645
  • Intel Xeon L5645
  • Intel Xeon E5640
  • Intel Xeon L5640
  • Intel Xeon L5639
  • Intel Xeon E5630
  • Intel Xeon L5638
  • Intel Xeon E5620
  • Intel Xeon E5607
  • Intel Xeon E5606
  • Intel Xeon E5603

Intel Gainestown (2009)

  • Intel Xeon W5590
  • Intel Xeon W5580
  • Intel Xeon X5570
  • Intel Xeon X5560
  • Intel Xeon X5550
  • Intel Xeon E5540
  • Intel Xeon E5530
  • Intel Xeon L5530
  • Intel Xeon E5520
  • Intel Xeon L5520
  • Intel Xeon L5518
  • Intel Xeon L5508
  • Intel Xeon E5507
  • Intel Xeon E5506
  • Intel Xeon L5506
  • Intel Xeon E5504
  • Intel Xeon E5503
  • Intel Xeon E5502

Intel Lynnfield (2009)

  • Intel Xeon X3480
  • Intel Xeon X3470
  • Intel Xeon X3460
  • Intel Xeon X3450
  • Intel Xeon X3440
  • Intel Xeon X3430
  • Intel Xeon L3426

Intel Bloomfield (2009)

  • Intel Xeon W3580
  • Intel Xeon W3570
  • Intel Xeon W3565
  • Intel Xeon W3550
  • Intel Xeon W3540
  • Intel Xeon W3530
  • Intel Xeon W3520
  • Intel Xeon W3505
  • Intel Xeon W3503

Intel Yorkfield (2008-2009)

  • Intel Xeon X3380
  • Intel Xeon L3380
  • Intel Xeon X3370
  • Intel Xeon X3360
  • Intel Xeon X3350

Intel Wolfdale (2008-2009)

  • Intel Xeon E3120
  • Intel Xeon E3110
  • Intel Xeon L3110

Intel Dunnington (2008)

  • Intel Xeon X7460
  • Intel Xeon E7458
  • Intel Xeon L7455
  • Intel Xeon E7450
  • Intel Xeon L7445
  • Intel Xeon E7440
  • Intel Xeon E7430
  • Intel Xeon E7420

Intel Yorkfield-6M (2008)

  • Intel Xeon X3330
  • Intel Xeon X3320

Intel Yorkfield-CL (2008)

  • Intel Xeon X3363
  • Intel Xeon X3353
  • Intel Xeon X3323
  • Intel Xeon X3113
  • Intel Xeon L3014

Intel Harpertown (2007-2008)

  • Intel Xeon X5492
  • Intel Xeon X5482
  • Intel Xeon X5472
  • Intel Xeon E5472
  • Intel Xeon E5462
  • Intel Xeon X5470
  • Intel Xeon X5460
  • Intel Xeon X5450
  • Intel Xeon E5450
  • Intel Xeon E5440
  • Intel Xeon E5430
  • Intel Xeon L5430
  • Intel Xeon E5420
  • Intel Xeon L5420
  • Intel Xeon E5410
  • Intel Xeon L5410
  • Intel Xeon L5408
  • Intel Xeon E5405

Intel Wolfdale-DP (2007-2008)

  • Intel Xeon X5272
  • Intel Xeon X5270
  • Intel Xeon X5260
  • Intel Xeon L5248
  • Intel Xeon X5240
  • Intel Xeon L5240
  • Intel Xeon L5238
  • Intel Xeon X5220
  • Intel Xeon L5215
  • Intel Xeon X5205

Intel Tigerton (2007)

  • Intel Xeon X7350
  • Intel Xeon L7345
  • Intel Xeon E7340
  • Intel Xeon E7330
  • Intel Xeon E7320
  • Intel Xeon E7310
  • Intel Xeon E7220
  • Intel Xeon E7210

Intel Kentsfield (2007)

  • Intel Xeon X3230
  • Intel Xeon X3220
  • Intel Xeon X3210

Intel Allendale (2007)

  • Intel Xeon 3050
  • Intel Xeon 3040

Intel Clovertown (2006-2007)

  • Intel Xeon X5365
  • Intel Xeon X5355
  • Intel Xeon X5350
  • Intel Xeon E5350
  • Intel Xeon E5345
  • Intel Xeon E5340
  • Intel Xeon E5335
  • Intel Xeon L5335
  • Intel Xeon E5330
  • Intel Xeon E5320
  • Intel Xeon L5320
  • Intel Xeon L5318
  • Intel Xeon E5310
  • Intel Xeon L5310

Intel Conroe (2006-2007)

  • Intel Xeon 3085
  • Intel Xeon 3075
  • Intel Xeon 3070
  • Intel Xeon 3065
  • Intel Xeon 3060
  • Intel Xeon 3050
  • Intel Xeon 3040

Intel Woodcrest (2006)

  • Intel Xeon 5160
  • Intel Xeon 5150
  • Intel Xeon LV 5148
  • Intel Xeon 5140
  • Intel Xeon LV 5138
  • Intel Xeon LV 5133
  • Intel Xeon 5130
  • Intel Xeon LV 5128
  • Intel Xeon 5120
  • Intel Xeon LV 5113
  • Intel Xeon 5110

Next Page > Intel Desktop CPUs Vulnerable To Meltdown + Spectre

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Intel Desktop CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These Intel CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

Intel Coffee Lake-S (2017)

  • Intel Core i7-8700K
  • Intel Core i7-8700
  • Intel Core i5-8600K
  • Intel Core i5-8400
  • Intel Core i3-8350K
  • Intel Core i3-8100

Intel Gemini Lake (2017)

  • Intel Pentium Silver J5005
  • Intel Celeron J4105
  • Intel Celeron J4005

Intel Denverton (2017)

  • Intel Celeron C3958
  • Intel Celeron C3955
  • Intel Celeron C3950
  • Intel Celeron C3858
  • Intel Celeron C3850
  • Intel Celeron C3830
  • Intel Celeron C3808
  • Intel Celeron C3758
  • Intel Celeron C3750
  • Intel Celeron C3708
  • Intel Celeron C3558
  • Intel Celeron C3538
  • Intel Celeron C3508
  • Intel Celeron C3338
  • Intel Celeron C3308

Intel Kaby Lake-X (2017)

  • Intel Core i7-7740X
  • Intel Core i5-7640X

Intel Kaby Lake-S (2017)

  • Intel Core i7-7700K
  • Intel Core i7-7700
  • Intel Core i7-7700T
  • Intel Core i5-7600K
  • Intel Core i5-7600
  • Intel Core i5-7600T
  • Intel Core i5-7500
  • Intel Core i5-7500T
  • Intel Core i5-7400
  • Intel Core i5-7400T
  • Intel Core i3-7350K
  • Intel Core i3-7320
  • Intel Core i3-7300
  • Intel Core i3-7300T
  • Intel Core i3-7101T
  • Intel Core i3-7101TE
  • Intel Core i3-7100
  • Intel Core i3-7100T
  • Intel Pentium G4620
  • Intel Pentium G4600
  • Intel Pentium G4600T
  • Intel Pentium G4560
  • Intel Pentium G4560T
  • Intel Celeron G3950
  • Intel Celeron G3930
  • Intel Celeron G3930T
  • Intel Celeron G3930E
  • Intel Celeron G3930TE

Intel Skylake-X (2017)

  • Intel Core i9-7980XE
  • Intel Core i9-7960X
  • Intel Core i9-7940X
  • Intel Core i9-7920X
  • Intel Core i9-7900X
  • Intel Core i7-7820X
  • Intel Core i7-7800X

Intel Apollo Lake (2016)

  • Intel Pentium J4205
  • Intel Pentium J3455
  • Intel Pentium J3355
  • Intel Celeron J3455
  • Intel Celeron J3355
  • Intel Atom x5-E3950
  • Intel Atom x5-E3940
  • Intel Atom x5-E3930

Intel Skylake-H (2016)

  • Intel Core i7-6785R
  • Intel Core i5-6685R
  • Intel Core i5-6585R

Intel Braswell (2016)

  • Intel Pentium J3710
  • Intel Celeron J3160
  • Intel Celeron J3060
  • Intel Atom x5-E8000

Intel Broadwell-E (2016)

  • Intel Core i7-6950X
  • Intel Core i7-6900K
  • Intel Core i7-6850X
  • Intel Core i7-6800X

Intel Skylake-S (2015)

  • Intel Core i7-6700K
  • Intel Core i7-6700
  • Intel Core i7-6700T
  • Intel Core i7-6700TE
  • Intel Core i5-6600K
  • Intel Core i5-6600
  • Intel Core i5-6600T
  • Intel Core i5-6500
  • Intel Core i5-6500T
  • Intel Core i5-6500TE
  • Intel Core i5-6402P
  • Intel Core i5-6400
  • Intel Core i5-6400T
  • Intel Core i3-6320
  • Intel Core i3-6300
  • Intel Core i3-6300T
  • Intel Core i3-6100
  • Intel Core i3-6100T
  • Intel Core i3-6100TE
  • Intel Core i3-6098P
  • Intel Pentium G4520
  • Intel Pentium G4500
  • Intel Pentium G4500T
  • Intel Pentium G4400
  • Intel Pentium G4400T
  • Intel Pentium G4400TE
  • Intel Celeron G3920
  • Intel Celeron G3902E
  • Intel Celeron G3900
  • Intel Celeron G3900T
  • Intel Celeron G3900E
  • Intel Celeron G3900TE

Intel Broadwell-H (2015)

  • Intel Core i7-5775C
  • Intel Core i7-5775R
  • Intel Core i5-5675R
  • Intel Core i5-5675C
  • Intel Core i5-5575R

Intel Haswell-E (2014)

  • Intel Core i7-5960X
  • Intel Core i7-5930K
  • Intel Core i7-5820K

Intel Haswell-H (2013)

  • Intel Core i7-4770R
  • Intel Core i5-4670R
  • Intel Core i5-4570R

Intel Haswell-DT (2013)

  • Intel Core i7-4790K
  • Intel Core i7-4790
  • Intel Core i7-4790S
  • Intel Core i7-4790T
  • Intel Core i7-4785T
  • Intel Core i7-4771
  • Intel Core i7-4770K
  • Intel Core i7-4770
  • Intel Core i7-4770S
  • Intel Core i7-4770T
  • Intel Core i7-4770TE
  • Intel Core i7-4765T
  • Intel Core i5-4690K
  • Intel Core i5-4690
  • Intel Core i5-4690S
  • Intel Core i5-4690T
  • Intel Core i5-4670K
  • Intel Core i5-4670
  • Intel Core i5-4670S
  • Intel Core i5-4670T
  • Intel Core i5-4590
  • Intel Core i5-4590S
  • Intel Core i5-4590T
  • Intel Core i5-4570
  • Intel Core i5-4570S
  • Intel Core i5-4570T
  • Intel Core i5-4570TE
  • Intel Core i5-4460
  • Intel Core i5-4460S
  • Intel Core i5-4460T
  • Intel Core i5-4440
  • Intel Core i5-4440S
  • Intel Core i5-4430
  • Intel Core i5-4430S
  • Intel Core i3-4370
  • Intel Core i3-4370T
  • Intel Core i3-4360
  • Intel Core i3-4360T
  • Intel Core i3-4350
  • Intel Core i3-4350T
  • Intel Core i3-4340
  • Intel Core i3-4340TE
  • Intel Core i3-4330
  • Intel Core i3-4330T
  • Intel Core i3-4330TE
  • Intel Core i3-4170
  • Intel Core i3-4170T
  • Intel Core i3-4160
  • Intel Core i3-4160T
  • Intel Core i3-4150
  • Intel Core i3-4150T
  • Intel Core i3-4130
  • Intel Core i3-4130T
  • Intel Pentium G3470
  • Intel Pentium G3460
  • Intel Pentium G3460T
  • Intel Pentium G3450
  • Intel Pentium G3450T
  • Intel Pentium G3440
  • Intel Pentium G3440T
  • Intel Pentium G3430
  • Intel Pentium G3420
  • Intel Pentium G3420T
  • Intel Pentium G3320TE
  • Intel Pentium G3260
  • Intel Pentium G3260T
  • Intel Pentium G3258
  • Intel Pentium G3250
  • Intel Pentium G3250T
  • Intel Pentium G3240
  • Intel Pentium G3240T
  • Intel Pentium G3220
  • Intel Pentium G3220T
  • Intel Celeron G1850
  • Intel Celeron G1840
  • Intel Celeron G1840T
  • Intel Celeron G1830
  • Intel Celeron G1820
  • Intel Celeron G1820T
  • Intel Celeron G1820TE

[adrotate group=”1″]

Intel Bay Trail-D (2013)

  • Intel Celeron J1900
  • Intel Celeron J1850
  • Intel Celeron J1800
  • Intel Celeron J1750

Intel Bay Trail-I (2013)

  • Intel Atom E3845
  • Intel Atom E3827
  • Intel Atom E3826
  • Intel Atom E3825
  • Intel Atom E3815
  • Intel Atom E3805

Intel Ivy Bridge-E (2012)

  • Intel Core i7-4960X
  • Intel Core i7-4960K
  • Intel Core i7-4820K

Intel Ivy Bridge (2012)

  • Intel Core i7-3770K
  • Intel Core i7-3770
  • Intel Core i7-3770S
  • Intel Core i7-3770T
  • Intel Core i5-3570K
  • Intel Core i5-3570
  • Intel Core i5-3570S
  • Intel Core i5-3570T
  • Intel Core i5-3550
  • Intel Core i5-3550S
  • Intel Core i5-3475S
  • Intel Core i5-3470
  • Intel Core i5-3470S
  • Intel Core i5-3470T
  • Intel Core i5-3450
  • Intel Core i5-3450S
  • Intel Core i5-3350P
  • Intel Core i5-3440
  • Intel Core i5-3440S
  • Intel Core i5-3335S
  • Intel Core i5-3330
  • Intel Core i5-3330S
  • Intel Core i3-3250
  • Intel Core i3-3250T
  • Intel Core i3-3245
  • Intel Core i3-3240
  • Intel Core i3-3240T
  • Intel Core i3-3225
  • Intel Core i3-3220
  • Intel Core i3-3220T
  • Intel Core i3-3210
  • Intel Pentium G2140
  • Intel Pentium G2130
  • Intel Pentium G2120
  • Intel Pentium G2120T
  • Intel Pentium G2100T
  • Intel Pentium G2030
  • Intel Pentium G2030T
  • Intel Pentium G2020
  • Intel Pentium G2020T
  • Intel Pentium G2010
  • Intel Celeron G1630
  • Intel Celeron G1620
  • Intel Celeron G1620T
  • Intel Celeron G1610
  • Intel Celeron G1610T

Intel Sandy Bridge-E (2011)

  • Intel Core i7-3970X
  • Intel Core i7-3960K
  • Intel Core i7-3930K
  • Intel Core i7-3820

Intel Sandy Bridge (2011)

  • Intel Core i7-2700K
  • Intel Core i7-2600K
  • Intel Core i7-2600
  • Intel Core i7-2600S
  • Intel Core i5-2550K
  • Intel Core i5-2500K
  • Intel Core i5-2500
  • Intel Core i5-2500S
  • Intel Core i5-2500T
  • Intel Core i5-2450P
  • Intel Core i5-2405S
  • Intel Core i5-2400
  • Intel Core i5-2400S
  • Intel Core i5-2390T
  • Intel Core i5-2370P
  • Intel Core i5-2320
  • Intel Core i5-2310
  • Intel Core i5-2300
  • Intel Core i3-2130
  • Intel Core i3-2125
  • Intel Core i3-2120
  • Intel Core i3-2120T
  • Intel Core i3-2105
  • Intel Core i3-2102
  • Intel Core i3-2100
  • Intel Core i3-2100T
  • Intel Pentium G870
  • Intel Pentium G860
  • Intel Pentium G860T
  • Intel Pentium G850
  • Intel Pentium G840
  • Intel Pentium G645
  • Intel Pentium G645T
  • Intel Pentium G640
  • Intel Pentium G640T
  • Intel Pentium G632
  • Intel Pentium G630
  • Intel Pentium G630T
  • Intel Pentium G622
  • Intel Pentium G620
  • Intel Pentium G620T
  • Intel Celeron G555
  • Intel Celeron G550
  • Intel Celeron G550T
  • Intel Celeron G540
  • Intel Celeron G540T
  • Intel Celeron G530
  • Intel Celeron G530T
  • Intel Celeron G470
  • Intel Celeron G465
  • Intel Celeron G460
  • Intel Celeron G440

Intel Gulftown (2010)

  • Intel Core i7-990X
  • Intel Core i7-980X
  • Intel Core i7-980
  • Intel Core i7-970

Intel Clarksdale (2010)

  • Intel Core i5-680
  • Intel Core i5-670
  • Intel Core i5-661
  • Intel Core i5-660
  • Intel Core i5-655K
  • Intel Core i5-650
  • Intel Core i3-560
  • Intel Core i3-550
  • Intel Core i3-540
  • Intel Core i3-530
  • Intel Pentium G6960
  • Intel Pentium G6951
  • Intel Pentium G6950
  • Intel Celeron G1101

Intel Lynnfield (2009)

  • Intel Core i7-880
  • Intel Core i7-875K
  • Intel Core i7-870
  • Intel Core i7-870S
  • Intel Core i7-860
  • Intel Core i7-860S
  • Intel Core i5-760
  • Intel Core i5-750
  • Intel Core i5-750S

Intel Bloomfield (2008)

  • Intel Core i7-975 Extreme Edition
  • Intel Core i7-965 Extreme Edition
  • Intel Core i7-960
  • Intel Core i7-950
  • Intel Core i7-940
  • Intel Core i7-930
  • Intel Core i7-920

Intel Yorkfield-6M (2008-2010)

  • Intel Core 2 Quad Q9705
  • Intel Core 2 Quad Q9700
  • Intel Core 2 Quad Q9505S
  • Intel Core 2 Quad Q9505
  • Intel Core 2 Quad Q9500
  • Intel Core 2 Quad Q9400S
  • Intel Core 2 Quad Q9400
  • Intel Core 2 Quad Q9300
  • Intel Core 2 Quad Q8400S
  • Intel Core 2 Quad Q8400
  • Intel Core 2 Quad Q8300
  • Intel Core 2 Quad Q8200S
  • Intel Core 2 Quad Q8200

Intel Yorkfield (2008-2009)

  • Intel Core 2 Quad Q9650
  • Intel Core 2 Quad Q9550S
  • Intel Core 2 Quad Q9550
  • Intel Core 2 Quad Q9450S
  • Intel Core 2 Quad Q9450

Intel Wolfdale (2008-2009)

  • Intel Core 2 Duo E8700
  • Intel Core 2 Duo E8600
  • Intel Core 2 Duo E8500
  • Intel Core 2 Duo E8400
  • Intel Core 2 Duo E8300
  • Intel Core 2 Duo E8290
  • Intel Core 2 Duo E8200
  • Intel Core 2 Duo E8190

Intel Wolfdale-3M (2008-2010)

  • Intel Core 2 Duo E7600
  • Intel Core 2 Duo E7500
  • Intel Core 2 Duo E7400
  • Intel Core 2 Duo E7300
  • Intel Core 2 Duo E7200
  • Intel Pentium E6800
  • Intel Pentium E6700
  • Intel Pentium E6600
  • Intel Pentium E6500K
  • Intel Pentium E6500
  • Intel Pentium E6300
  • Intel Pentium E5800
  • Intel Pentium E5700
  • Intel Pentium E5500
  • Intel Pentium E5400
  • Intel Pentium E5300
  • Intel Pentium Dual-Core E5300
  • Intel Pentium E5200
  • Intel Pentium Dual-Core E5200
  • Intel Pentium Dual-Core E2210
  • Intel Celeron E3500
  • Intel Celeron E3400
  • Intel Celeron E3300
  • Intel Celeron E3200

Intel Allendale (2008-2009)

  • Intel Celeron E1600
  • Intel Celeron E1500
  • Intel Celeron E1400
  • Intel Celeron E1200

Intel Yorkfield-XE (2007-2008)

  • Intel Core 2 Extreme QX9775
  • Intel Core 2 Extreme QX9770
  • Intel Core 2 Extreme QX9650

Intel Conroe-L (2007-2008)

  • Intel Celeron 450
  • Intel Celeron 445
  • Intel Celeron 430
  • Intel Celeron 420
  • Intel Celeron 220

Intel Kentsfield (2007)

  • Intel Core 2 Quad Q6700
  • Intel Core 2 Quad Q6600
  • Intel Core 2 Quad Q6400

Intel Conroe-CL (2007)

  • Intel Core 2 Duo E6405
  • Intel Core 2 Duo E6305
  • Intel Celeron 445

Intel Conroe (2006-2008)

  • Intel Core 2 Duo E6850
  • Intel Core 2 Duo E6750
  • Intel Core 2 Duo E6700
  • Intel Core 2 Duo E6600
  • Intel Core 2 Duo E6550
  • Intel Core 2 Duo E6540
  • Intel Core 2 Duo E6420
  • Intel Core 2 Duo E6400
  • Intel Core 2 Duo E6320
  • Intel Core 2 Duo E6300
  • Intel Core 2 Duo E4700
  • Intel Core 2 Duo E4600
  • Intel Core 2 Duo E4500
  • Intel Core 2 Duo E4400
  • Intel Core 2 Duo E4300
  • Intel Pentium Dual-Core E2220
  • Intel Pentium Dual-Core E2200
  • Intel Pentium Dual-Core E2180
  • Intel Pentium Dual-Core E2160
  • Intel Pentium Dual-Core E2140

Intel Kentsfield-XE (2006-2007)

  • Intel Core 2 Extreme QX6850
  • Intel Core 2 Extreme QX6800
  • Intel Core 2 Extreme QX6700

Next Page > Intel Mobile CPUs Vulnerable To Meltdown + Spectre

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Intel Mobile CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These Intel CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

Intel Gemini Lake (2017)

  • Intel Pentium Silver N5000
  • Intel Celeron N4100
  • Intel Celeron N4000

Intel Apollo Lake (2016)

  • Intel Pentium N4200
  • Intel Celeron N3450
  • Intel Celeron N3350

Intel Kaby Lake Refresh (2017)

  • Intel Core i7-8650U
  • Intel Core i7-8550U
  • Intel Core i5-8350U
  • Intel Core i5-8250U

Intel Kaby Lake-Y (2017)

  • Intel Core i5-Y757
  • Intel Core i5-Y754
  • Intel Core m3-7Y32
  • Intel Core m3-7Y30
  • Intel Pentium 4415Y
  • Intel Pentium 4410Y
  • Intel Celeron 3965Y

Intel Kaby Lake-U (2017)

  • Intel Core i7-7660U
  • Intel Core i7-7600U
  • Intel Core i7-7567U
  • Intel Core i7-7560U
  • Intel Core i7-7500U
  • Intel Core i5-7360U
  • Intel Core i5-7300U
  • Intel Core i5-7287U
  • Intel Core i5-7367U
  • Intel Core i5-7260U
  • Intel Core i5-7200U
  • Intel Core i3-7167U
  • Intel Core i3-7130U
  • Intel Core i3-7100U
  • Intel Pentium 4415U
  • Intel Celeron 3965U
  • Intel Celeron 3865U

Intel Kaby Lake-H (2016)

  • Intel Core i7-7920HQ
  • Intel Core i7-7820HQ
  • Intel Core i7-7820HK
  • Intel Core i7-7820EQ
  • Intel Core i7-7700HQ
  • Intel Core i7-7Y75
  • Intel Core i5-7442HQ
  • Intel Core i5-7442EQ
  • Intel Core i5-7440HQ
  • Intel Core i5-7440EQ
  • Intel Core i3-7102E
  • Intel Core i3-7100H
  • Intel Core i3-7100E

Intel Skylake-H (2015)

  • Intel Core i7-6970HQ
  • Intel Core i7-6920HQ
  • Intel Core i7-6870HQ
  • Intel Core i7-6822EQ
  • Intel Core i7-6820HQ
  • Intel Core i7-6820HK
  • Intel Core i7-6820EQ
  • Intel Core i7-6770HQ
  • Intel Core i7-6700HQ
  • Intel Core i5-6442EQ
  • Intel Core i5-6440HQ
  • Intel Core i5-6440EQ
  • Intel Core i5-6350HQ
  • Intel Core i5-6300HQ
  • Intel Core i3-6102E
  • Intel Core i3-6100H
  • Intel Core i3-6100E

Intel Skylake-Y (2015)

  • Intel Core m3-6Y75
  • Intel Core m3-6Y57
  • Intel Core m3-6Y54
  • Intel Core m3-6Y30
  • Intel Pentium 4405Y

Intel Skylake-U (2015)

  • Intel Core i7-6660U
  • Intel Core i7-6650U
  • Intel Core i7-6600U
  • Intel Core i7-6567U
  • Intel Core i7-6560U
  • Intel Core i7-6500U
  • Intel Core i5-6360U
  • Intel Core i5-6300U
  • Intel Core i5-6287U
  • Intel Core i5-6267U
  • Intel Core i5-6260U
  • Intel Core i5-6200U
  • Intel Core i5-6198DU
  • Intel Core i3-6167U
  • Intel Core i3-6157U
  • Intel Core i3-6100U
  • Intel Core i3-6006U
  • Intel Celeron 3955U
  • Intel Celeron 3855U
  • Intel Pentium 4405U

Intel Broadwell-H (2015)

  • Intel Core i7-5950HQ
  • Intel Core i7-5850HQ
  • Intel Core i7-5850EQ
  • Intel Core i7-5750HQ
  • Intel Core i7-5700HQ
  • Intel Core i7-5700EQ
  • Intel Core i5-5350H

Intel Broadwell-U (2015)

  • Intel Core i7-5650U
  • Intel Core i7-5600U
  • Intel Core i7-5557U
  • Intel Core i7-5550U
  • Intel Core i7-5500U
  • Intel Core i5-5350U
  • Intel Core i5-5300U
  • Intel Core i5-5287U
  • Intel Core i5-5257U
  • Intel Core i5-5250U
  • Intel Core i5-5200U
  • Intel Core i3-5157U
  • Intel Core i3-5020U
  • Intel Core i3-5015U
  • Intel Core i3-5010U
  • Intel Core i3-5005U
  • Intel Pentium 3825U
  • Intel Pentium 3805U
  • Intel Celeron 3765U
  • Intel Celeron 3755U
  • Intel Celeron 3215U
  • Intel Celeron 3205U

Intel Braswell (2015)

  • Intel Pentium N3710
  • Intel Pentium N3700
  • Intel Celeron N3160
  • Intel Celeron N3150
  • Intel Celeron N3060
  • Intel Celeron N3050
  • Intel Celeron N3010
  • Intel Celeron N3000

Intel Broadwell-Y (2014)

  • Intel Core M-5Y71
  • Intel Core M-5Y70
  • Intel Core M-5Y51
  • Intel Core M-5Y31
  • Intel Core M-5Y10c
  • Intel Core M-5Y10a
  • Intel Core M-5Y10

Intel Haswell-H (2013)

  • Intel Core i7-4980HQ
  • Intel Core i7-4960HQ
  • Intel Core i7-4950HQ
  • Intel Core i7-4870HQ
  • Intel Core i7-4860HQ
  • Intel Core i7-4860EQ
  • Intel Core i7-4850HQ
  • Intel Core i7-4850EQ
  • Intel Core i7-4770HQ
  • Intel Core i7-4760HQ
  • Intel Core i7-4750HQ
  • Intel Core i7-4722HQ
  • Intel Core i7-4720HQ
  • Intel Core i7-4712HQ
  • Intel Core i7-4710HQ
  • Intel Core i7-4702HQ
  • Intel Core i7-4702EC
  • Intel Core i7-4701EQ
  • Intel Core i7-4700HQ
  • Intel Core i7-4700MQ
  • Intel Core i7-4700EQ
  • Intel Core i7-4700EC
  • Intel Core i5-4422E
  • Intel Core i5-4410E
  • Intel Core i5-4402E
  • Intel Core i5-4402EC
  • Intel Core i5-4400E
  • Intel Core i5-4210H
  • Intel Core i5-4200H
  • Intel Core i3-4112E
  • Intel Core i3-4110E
  • Intel Core i3-4102E
  • Intel Core i3-4100E

Intel Haswell-ULX (2013)

  • Intel Core i7-4610Y
  • Intel Core i5-4302Y
  • Intel Core i5-4300Y
  • Intel Core i5-4220Y
  • Intel Core i5-4210Y
  • Intel Core i5-4202Y
  • Intel Core i3-4030Y
  • Intel Core i3-4020Y
  • Intel Core i3-4012Y
  • Intel Core i3-4010Y
  • Intel Pentium 3561Y
  • Intel Pentium 3560Y
  • Intel Celeron 2002E
  • Intel Celeron 2000E

Intel Haswell-ULX (2013)

  • Intel Celeron 2961Y

Intel Haswell-ULT (2013)

  • Intel Core i7-4650U
  • Intel Core i7-4600U
  • Intel Core i7-4578U
  • Intel Core i7-4558U
  • Intel Core i7-4550U
  • Intel Core i7-4510U
  • Intel Core i7-4500U
  • Intel Core i5-4360U
  • Intel Core i5-4360U
  • Intel Core i5-4310U
  • Intel Core i5-4308U
  • Intel Core i5-4300U
  • Intel Core i5-4288U
  • Intel Core i5-4280U
  • Intel Core i5-4278U
  • Intel Core i5-4258U
  • Intel Core i5-4250U
  • Intel Core i5-4210U
  • Intel Core i5-4200U
  • Intel Core i3-4158U
  • Intel Core i3-4120U
  • Intel Core i3-4100U
  • Intel Core i3-4030U
  • Intel Core i3-4025U
  • Intel Core i3-4010U
  • Intel Core i3-4005U
  • Intel Pentium 3558U
  • Intel Pentium 3556U
  • Intel Celeron 2981U
  • Intel Celeron 2980U
  • Intel Celeron 2957U
  • Intel Celeron 2955U

Intel Haswell-MB (2013)

  • Intel Core i7-4940MX
  • Intel Core i7-4930MX
  • Intel Core i7-4910MQ
  • Intel Core i7-4900MQ
  • Intel Core i7-4810MQ
  • Intel Core i7-4800MQ
  • Intel Core i7-4712MQ
  • Intel Core i7-4710MQ
  • Intel Core i7-4702MQ
  • Intel Core i7-4610M
  • Intel Core i7-4600M
  • Intel Core i5-4340M
  • Intel Core i5-4330M
  • Intel Core i5-4310M
  • Intel Core i5-4300M
  • Intel Core i5-4210M
  • Intel Core i5-4200M
  • Intel Core i3-4110M
  • Intel Core i3-4100M
  • Intel Core i3-4010M
  • Intel Core i3-4000M
  • Intel Pentium 3560M
  • Intel Pentium 3550M
  • Intel Celeron 2970M
  • Intel Celeron 2950M

Intel Bay Trail-M (2013)

  • Intel Pentium N3540
  • Intel Pentium N3530
  • Intel Pentium N3520
  • Intel Pentium N3510
  • Intel Celeron N2940
  • Intel Celeron N2930
  • Intel Celeron N2920
  • Intel Celeron N2910
  • Intel Celeron N2840
  • Intel Celeron N2830
  • Intel Celeron N2820
  • Intel Celeron N2815
  • Intel Celeron N2810
  • Intel Celeron N2808
  • Intel Celeron N2807
  • Intel Celeron N2806
  • Intel Celeron N2805

Intel Gladden – Ivy Bridge (2013)

  • Intel Core i3-3115C

Intel Ivy Bridge (2012)

  • Intel Core i7-3940XM
  • Intel Core i7-3920XM
  • Intel Core i7-3840QM
  • Intel Core i7-3820QM
  • Intel Core i7-3740QM
  • Intel Core i7-3720QM
  • Intel Core i7-3689Y
  • Intel Core i7-3687U
  • Intel Core i7-3667U
  • Intel Core i7-3635QM
  • Intel Core i7-3632QM
  • Intel Core i7-3630QM
  • Intel Core i7-3615QM
  • Intel Core i7-3615QE
  • Intel Core i7-3612QM
  • Intel Core i7-3612QE
  • Intel Core i7-3610QM
  • Intel Core i7-3610QE
  • Intel Core i7-3537U
  • Intel Core i7-3517U
  • Intel Core i7-3517UE
  • Intel Core i7-3555LE
  • Intel Core i7-3540M
  • Intel Core i7-3520M
  • Intel Core i5-3439Y
  • Intel Core i5-3437U
  • Intel Core i5-3427U
  • Intel Core i5-3339Y
  • Intel Core i5-3380M
  • Intel Core i5-3360M
  • Intel Core i5-3340M
  • Intel Core i5-3237U
  • Intel Core i5-3320M
  • Intel Core i5-3230M
  • Intel Core i5-3217U
  • Intel Core i5-3210M
  • Intel Core i5-3210ME
  • Intel Core i3-3229Y
  • Intel Core i3-3227U
  • Intel Core i3-3217U
  • Intel Core i3-3217UE
  • Intel Core i3-3130M
  • Intel Core i3-3120M
  • Intel Core i3-3120ME
  • Intel Core i3-3110M
  • Intel Pentium 2129Y
  • Intel Pentium 2127U
  • Intel Pentium 2117U
  • Intel Pentium 2030M
  • Intel Pentium 2020M
  • Intel Pentium A1018
  • Intel Celeron 1047UE
  • Intel Celeron 1037U
  • Intel Celeron 1020M
  • Intel Celeron 1020E
  • Intel Celeron 1019Y
  • Intel Celeron 1017U
  • Intel Celeron 1005M
  • Intel Celeron 1007U
  • Intel Celeron 1000M
  • Intel Celeron 927UE

Intel Gladden – Sandy Bridge (2012)

  • Intel Core i3-2115C
  • Intel Celeron 725C

Intel Sandy Bridge (2011)

  • Intel Core i7-2960XM
  • Intel Core i7-2920XM
  • Intel Core i7-2860QM
  • Intel Core i7-2820QM
  • Intel Core i7-2760QM
  • Intel Core i7-2720QM
  • Intel Core i7-2715QE
  • Intel Core i7-2710QE
  • Intel Core i7-2675QM
  • Intel Core i7-2677M
  • Intel Core i7-2670QM
  • Intel Core i7-2657M
  • Intel Core i7-2655LE
  • Intel Core i7-2649M
  • Intel Core i7-2640M
  • Intel Core i7-2637M
  • Intel Core i7-2635QM
  • Intel Core i7-2630QM
  • Intel Core i7-2629M
  • Intel Core i7-2620M
  • Intel Core i7-2617M
  • Intel Core i7-2610E
  • Intel Core i5-2557M
  • Intel Core i5-2540M
  • Intel Core i5-2537M
  • Intel Core i5-2520M
  • Intel Core i5-2467M
  • Intel Core i5-2450M
  • Intel Core i5-2435M
  • Intel Core i5-2430M
  • Intel Core i5-2415M
  • Intel Core i5-2415E
  • Intel Core i5-2410M
  • Intel Core i5-2410E
  • Intel Core i3-2377M
  • Intel Core i3-2375M
  • Intel Core i3-2370M
  • Intel Core i3-2367M
  • Intel Core i3-2365M
  • Intel Core i3-2357M
  • Intel Core i3-2350M
  • Intel Core i3-2348M
  • Intel Core i3-2340UE
  • Intel Core i3-2332M
  • Intel Core i3-2330M
  • Intel Core i3-2330E
  • Intel Core i3-2328M
  • Intel Core i3-2312M
  • Intel Core i3-2310M
  • Intel Core i3-2310E
  • Intel Core i3-2308M
  • Intel Pentium 997
  • Intel Pentium 987
  • Intel Pentium B980
  • Intel Pentium 977
  • Intel Pentium B970
  • Intel Pentium 967
  • Intel Pentium B960
  • Intel Pentium 957
  • Intel Pentium B950
  • Intel Pentium B940
  • Intel Celeron 887
  • Intel Celeron 877
  • Intel Celeron 867
  • Intel Celeron 857
  • Intel Celeron 847
  • Intel Celeron B847E
  • Intel Celeron B840
  • Intel Celeron B830
  • Intel Celeron B827E
  • Intel Celeron B820
  • Intel Celeron B815
  • Intel Celeron B810
  • Intel Celeron B810E
  • Intel Celeron 807
  • Intel Celeron B807UE
  • Intel Celeron B800
  • Intel Celeron 797
  • Intel Celeron 787
  • Intel Celeron B730
  • Intel Celeron B720
  • Intel Celeron B710

[adrotate group=”1″]

Intel Arrandale (2010)

  • Intel Core i7-680UM
  • Intel Core i7-660LM
  • Intel Core i7-680UM
  • Intel Core i7-680UE
  • Intel Core i7-640M
  • Intel Core i7-640LM
  • Intel Core i7-640UM
  • Intel Core i7-620M
  • Intel Core i7-620LM
  • Intel Core i7-620LE
  • Intel Core i7-620UM
  • Intel Core i7-620UE
  • Intel Core i7-610E
  • Intel Core i5-580M
  • Intel Core i5-560M
  • Intel Core i5-560UM
  • Intel Core i5-540M
  • Intel Core i5-540UM
  • Intel Core i5-520M
  • Intel Core i5-520UM
  • Intel Core i5-520E
  • Intel Core i5-480M
  • Intel Core i5-470UM
  • Intel Core i5-460M
  • Intel Core i5-450M
  • Intel Core i5-430M
  • Intel Core i5-430UM
  • Intel Core i3-390M
  • Intel Core i3-380M
  • Intel Core i3-380UM
  • Intel Core i3-370M
  • Intel Core i3-350M
  • Intel Core i3-330M
  • Intel Core i3-330E
  • Intel Core i3-380UE
  • Intel Pentium P6300
  • Intel Pentium P6200
  • Intel Pentium P6100
  • Intel Pentium P6000
  • Intel Pentium U5600
  • Intel Pentium U5400
  • Intel Celeron P4600
  • Intel Celeron P4505
  • Intel Celeron P4500
  • Intel Celeron U3800
  • Intel Celeron U3405
  • Intel Celeron U3400

Intel Jasper Forest (2010)

  • Intel Celeron P1053

Intel Clarksfield (2009)

  • Intel Core i7-940XM
  • Intel Core i7-920XM
  • Intel Core i7-840QM
  • Intel Core i7-820QM
  • Intel Core i7-740QM
  • Intel Core i7-720QM

Intel Penryn-3M (2008-2011)

  • Intel Core 2 Duo SU9600
  • Intel Core 2 Duo SP9600
  • Intel Core 2 Duo SU9400
  • Intel Core 2 Duo SP9400
  • Intel Core 2 Duo SU9300
  • Intel Core 2 Duo SP9300
  • Intel Core 2 Duo SU7300
  • Intel Pentium T4500
  • Intel Pentium T4400
  • Intel Pentium T4300
  • Intel Pentium T4200
  • Intel Pentium SU4100
  • Intel Pentium SU2700
  • Intel Celeron T3500
  • Intel Celeron T3300
  • Intel Celeron T3100
  • Intel Celeron T3000
  • Intel Celeron SU2300
  • Intel Celeron 925
  • Intel Celeron 900
  • Intel Celeron ULV 763
  • Intel Celeron M ULV 743
  • Intel Celeron M ULV 723
  • Intel Celeron M ULV 722

Intel Penryn-L (2008-2009)

  • Intel Core 2 Solo SU3500
  • Intel Core 2 Solo SU3300

Intel Penryn (2008-2009)

  • Intel Core 2 Duo T9900
  • Intel Core 2 Duo T9800
  • Intel Core 2 Duo P9700
  • Intel Core 2 Duo P9600
  • Intel Core 2 Duo T9600
  • Intel Core 2 Duo SL9600
  • Intel Core 2 Duo T9550
  • Intel Core 2 Duo P9500
  • Intel Core 2 Duo T9500
  • Intel Core 2 Duo SL9400
  • Intel Core 2 Duo T9400
  • Intel Core 2 Duo SL9380
  • Intel Core 2 Duo SL9300
  • Intel Core 2 Duo T9300
  • Intel Core 2 Duo P8800
  • Intel Core 2 Duo P8700
  • Intel Core 2 Duo P8600
  • Intel Core 2 Duo E8435
  • Intel Core 2 Duo P8400
  • Intel Core 2 Duo E8335
  • Intel Core 2 Duo T8300
  • Intel Core 2 Duo E8235
  • Intel Core 2 Duo E8135
  • Intel Core 2 Duo T8100
  • Intel Core 2 Duo P7570
  • Intel Core 2 Duo P7550
  • Intel Core 2 Duo P7460
  • Intel Core 2 Duo P7450
  • Intel Core 2 Duo P7370
  • Intel Core 2 Duo P7350
  • Intel Core 2 Duo T6970
  • Intel Core 2 Duo T6900
  • Intel Core 2 Duo T6670
  • Intel Core 2 Duo T6600
  • Intel Core 2 Duo T6570
  • Intel Core 2 Duo T6500
  • Intel Core 2 Duo T6400

Intel Penryn QC-XE (2008)

  • Intel Core 2 Extreme QX9300

Intel Penryn QC (2008)

  • Intel Core 2 Quad Q9100
  • Intel Core 2 Quad Q9000

Intel Merom-2M (2007-2008)

  • Intel Core 2 Duo U7700
  • Intel Core 2 Duo U7600
  • Intel Core 2 Duo U7500
  • Intel Pentium Dual-Core T3400
  • Intel Pentium Dual-Core T3200
  • Intel Pentium Dual-Core T2410
  • Intel Pentium Dual-Core T2390
  • Intel Pentium Dual-Core T2370
  • Intel Pentium Dual-Core T2330
  • Intel Pentium Dual-Core T2310
  • Intel Celeron T1700
  • Intel Celeron T1600
  • Intel Celeron T1500
  • Intel Celeron T1400
  • Intel Celeron 585
  • Intel Celeron 575

Intel Merom-L (2007)

  • Intel Core 2 Solo ULV U2200
  • Intel Core 2 Solo ULV U2100
  • Intel Celeron ULV 573
  • Intel Celeron M ULV 523

Intel Merom (2007)

  • Intel Core 2 Duo T7800
  • Intel Core 2 Duo T7700
  • Intel Core 2 Duo SP7700
  • Intel Core 2 Duo L7700
  • Intel Core 2 Duo T7600G
  • Intel Core 2 Duo T7600
  • Intel Core 2 Duo SP7500
  • Intel Core 2 Duo T7500
  • Intel Core 2 Duo L7500
  • Intel Core 2 Duo T7400
  • Intel Core 2 Duo L7400
  • Intel Core 2 Duo T7300
  • Intel Core 2 Duo L7300
  • Intel Core 2 Duo T7250
  • Intel Core 2 Duo T7200
  • Intel Core 2 Duo L7200
  • Intel Core 2 Duo T7100
  • Intel Core 2 Duo SL7100
  • Intel Core 2 Duo T5900
  • Intel Core 2 Duo T5800
  • Intel Core 2 Duo T5750
  • Intel Core 2 Duo T5670
  • Intel Core 2 Duo T5600
  • Intel Core 2 Duo T5550
  • Intel Core 2 Duo T5500
  • Intel Core 2 Duo T5470
  • Intel Core 2 Duo T5450
  • Intel Core 2 Duo T5300
  • Intel Core 2 Duo T5270
  • Intel Core 2 Duo T5250
  • Intel Core 2 Duo T5200
  • Intel Celeron 570
  • Intel Celeron 560
  • Intel Celeron 550
  • Intel Celeron 540
  • Intel Celeron 530
  • Intel Celeron M 530
  • Intel Celeron M 520

Intel Merom-XE (2007)

  • Intel Core 2 Extreme X7900
  • Intel Core 2 Extreme X7800

Next Page > VIA Desktop + Mobile CPUs Vulnerable To Meltdown + Spectre

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


VIA Desktop CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These VIA CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

VIA Nano QuadCore (2011)

  • VIA Nano QuadCore L4800E
  • VIA Nano QuadCore L4700E
  • VIA Nano QuadCore L4650E

VIA Nano Dual Core 2011)

  • VIA Nano X2 E L4350E
  • VIA Nano X2 E L4350E

VIA Nano 3000 Series (2009)

  • VIA Nano L3600
  • VIA Nano L3050
  • VIA Nano L3025

VIA Nano 2000 Series (2008)

  • VIA Nano L2200
  • VIA Nano L2100

 

VIA Mobile CPUs Vulnerable To Meltdown + Spectre

Affected Variants : These VIA CPUs are affected by all three variants of the speculative execution CPU bug. They are vulnerable to the Meltdown and both Spectre exploits.

VIA Nano Dual Core (2011)

  • VIA Eden X2 U4200E
  • VIA Eden X2 U4100E

VIA Nano 3000 Series (2010)

  • VIA Nano U3500
  • VIA Nano U3400
  • VIA Nano U3300
  • VIA Nano U3200
  • VIA Nano U3100

VIA Nano 2000/1000 Series (2008)

  • VIA Nano U2500
  • VIA Nano U2300
  • VIA Nano U2250
  • VIA Nano U2225
  • VIA Nano U1700

 

Meltdown + Spectre Reading Suggestions

[adrotate group=”2″]

Go Back To > First Page | Guides | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Everything On The Meltdown + Spectre CPU Flaws! Rev. 3.0

The Meltdown and Spectre CPU flaws that the Google Project Zero team discovered are arguably the worst we have ever known. These vulnerabilities were built into BILLIONS of CPUs that we have been using for the last decade or so.

Not just Intel CPUs, but also CPUs made by AMD, Apple and ARM. Even those that power our smartphones and other smart devices!

Let’s take a look at what we know so far about Meltdown and Spectre, how they affect you, and what we can do about them.

This story is still developing. We will update the article as and when new details emerge. Be sure to check back and refresh the page for the latest information!

 

Article Update History

Click here for the Article Update History

2018-02-17 : Updated the table of CPUs vulnerable to Meltdown and Spectre. Updated four sections with new information.

2018-02-05 : Added a table of CPUs vulnerable to Meltdown and Spectre. Updated three sections with new information.

2018-01-25 : Revamped the entire article. Added a new section on the difference between Meltdown and Spectre, and a new section on InSpectre. Updated the list of vulnerable processors, mitigation efforts by Microsoft and Apple, as well as the Intel spontaneous reboot issues with their Spectre 2 patches.

2018-01-16 : Updated the list of vulnerable processors, and added a new section on Intel CPUs spontaneously rebooting after applying Meltdown and Spectre patches. Also added cautionary advice on holding off these updates.

2018-01-12 : Updated the article with the AMD confirmation that their processors are vulnerable to both Spectre exploits. Also added details on the Google Retpoline mitigation technique against Spectre attacks.

2018-01-11 : Added new sections on the performance impact of the Meltdown and Spectre mitigation patches, and reports of those patches bricking some AMD PCs. Also expanded the list of affected CPUs, and corrected information on the Intel-SA-00086 Detection Tool.

Between 2018-01-09 and 2018-01-10 : Numerous updates including details of patches and affected CPUs.

Originally posted @ 2018-01-09


 

The Meltdown + Spectre Vulnerabilities

  • The Project Zero team identified these vulnerabilities in 2017, reporting it to Intel, AMD and ARM on 1 June 2017.
  • These vulnerabilities take advantage of the Speculative Execution and Branch Prediction features of the modern processor, that have been used for many years to improve performance.
  • Speculative Execution lets the CPU predict and pre-execute the next instruction, allowing it to “instantly” deliver the results if it’s correct.
  • Branch Prediction helps the CPU predict future execution paths that should be speculatively-executed for better performance.
  • There are THREE (3) variants of the speculative execution CPU bug :
    • Variant 1 : Bounds Check Bypass (CVE-2017-5753)
    • Variant 2 : Branch Target Injection (CVE-2017-5715)
    • Variant 3 : Rogue Data Cache Load (CVE-2017-5754)
  • The Spectre attack (whitepaper) exploits variants 1 and 2.
  • The Meltdown attack (whitepaper) exploits variant 3.
  • There is a Variant 3a, which appears to affect only certain ARM processors.

 

What’s The Difference Between Meltdown & Spectre?

  • Spectre tricks the CPU branch predictor into mis-predicting the wrong path, thereby speculatively executing code that would not otherwise be executed.
  • Meltdown takes advantage of the out-of-order execution capability of modern processors, tricking them into executing malicious code that would normally not be allowed.
  • The Spectre name is based on both the root cause – speculative execution, and the fact that it is not easy to fix, and will haunt us for a long time like a spectre (ghost).
  • The Meltdown name was chosen because the vulnerability “basically melts security boundaries which are normally enforced by the hardware“.

 

How Bad Are Meltdown & Spectre?

  • The Spectre exploits let an attacker access and copy information from the memory space used by other applications.
  • The Meltdown exploit lets an attacker copy the entire physical memory of the computer.
  • Unless patched, the affected processors are vulnerable to malware and cyberattacks that exploits this CPU bug to steal critical information from running apps (like login and credit card information, emails, photos, documents, etc.)
  • While the Meltdown exploit can be “fixed”, it is likely that the Spectre exploit cannot be fixed, only mitigated, without a redesign of the processors. That means we will have to live with the risks of a Spectre attack for many more years to come.

 

How Many Processors Are Affected? Updated!

For the complete list of affected AMD, Apple, ARM and Intel processors, please see this separate article – The Complete List Of CPUs Vulnerable To Meltdown / Spectre

Company Spectre 1 Spectre 2 Meltdown
AMD 295 Server CPUs
42 Workstation CPUs
396 Desktop CPUs
208 Mobile CPUs
295 Server CPUs
42 Workstation CPUs
396 Desktop CPUs
208 Mobile CPUs
None
Apple 13 Mobile SoCs 13 Mobile SoCs 13 Mobile SoCs
ARM 10 Mobile CPUs
3 Server SoCs
10 Mobile CPUs
3 Server SoCs
4 Mobile CPUs
3 Server SoCs
IBM 10 POWER CPUs 10 POWER CPUs 10 POWER CPUs
Intel 732 Server / Workstation CPUs
443 Desktop CPUs
583 Mobile CPUs
51 Mobile SoCs
732 Server / Workstation CPUs
443 Desktop CPUs
583 Mobile CPUs
51 Mobile SoCs
732 Server / Workstation CPUs
443 Desktop CPUs
583 Mobile CPUs
51 Mobile SoCs

Total

2786 CPUs 2786 CPUs 1839 CPUs

For the complete list of affected AMD, Apple, ARM and Intel processors, please see this separate article – The Complete List Of CPUs Vulnerable To Meltdown / Spectre

 

Intel Detection Tool?

The Intel-SA-00086 Detection Tool does NOT detect the processor’s susceptibility to these vulnerabilities. It only checks for different vulnerabilities affecting the Intel Management Engine.

 

InSpectre

Our reader Arthur shared that the Gibson Research Corporation has an aptly-named utility called InSpectre.

It checks for Meltdown and Spectre hardware and software vulnerabilities in a Windows system. It will help you check if your system is getting patched properly against these vulnerabilities.

 

What Is Being Done??? Updated!

Note : The terms “mitigate” and “mitigation” mean the possibility of a successfully attacked are reduced, not eliminated.

  • Intel has started issuing software and firmware updates for the processors introduced in the last 5 years. By the middle of January 2018, Intel expects to have issued updates for more than 90% of those CPUs. However, that does not address the other Intel processors sold between 2010 and 2012.
  • Microsoft and Linux have started to roll our the KPTI (Kernel Page Table Isolation) patch, also known as the KAISER (Kernel Address Isolation to have Side-channels Efficiently Removed) patch.
  • The KPTI or KAISER patch, however, will only protect against the Meltdown exploit. It has no effect on a Spectre attack.
  • Microsoft Edge and Internet Explorer 11 received the KB4056890 security update on 3 January 2018, to prevent a Meltdown attack.
  • Firefox 57 includes changes to mitigate against both attacks.
  • Google Chrome 64 will be released on 23 January 2018, with mitigations against Meltdown and Spectre attacks.
  • For Mac systems, Apple introduced mitigations against Spectre in macOS 10.13.2 (released on 8 January 2018), with more fixes coming in macOS 10.13.3.
  • For iOS devices, Apple introduced mitigations against Meltdown in iOS 11.2 and tvOS 11.2.
  • On 8 January 2018, Apple released iOS 11.2.2, which mitigates the risk of the two Spectre exploits in Safari and WebKit, for iPhone 5s, iPad Air, and iPod touch 6th generation or later.
  • ARM has made available the KPTI / KAISER kernel patches for Linux, while Google will provide them for Android.
  • Google patched Android against both exploits with the December 2017 and January 2018 patches.
  • Google shared details of their Return Rrampoline (Retpoline) binary modification technique that can be used to protect against Spectre attacks. It is a software construct that ensures that any associated speculative execution will “bounce” (as if on a trampoline) endlessly.
  • NVIDIA issued six driver and security updates for affected devices and software between 3-9 January 2018.
  • On 11 January 2018, AMD announced that the “majority of AMD systems” have received the mitigation patches against Spectre 1, albeit some older AMD systems got bricked by bad patches. They also announced that they will make “optional” microcode updates available for Ryzen and EPYC processors by the same week.
  • In the same 11 January 2018 disclosure, AMD also shared that Linux vendors have started to roll out OS patches for both Spectre exploits, and they’re working on the “return trampoline (Retpoline)” software mitigations as well.[adrotate group=”2″]
  • On 23 January 2018, Apple released Meltdown patches for macOS Sierra and OS X El Capitan, but not macOS High Sierra.
  • On 23 January 2018, Microsoft finally revealed their Spectre and Meltdown patch schedule.
  • On 24 January 2018, AMD revealed their 11 software mitigations for both Spectre exploits.
  • The 24 January 2018 AMD whitepaper also revealed that the AMD K10 and K8 processors are vulnerable as well, adding an additional 663 CPU models to the list of vulnerable processors.
  • On 2 February 2018, Microsoft released KB4078130 to disable the Spectre 2 patches that were causing many Intel systems to randomly and spontaneously reboot.
  • On 8 February 2018, an Intel microcode update schedule revealed that their Penryn-based processors are also vulnerable, adding an additional 314 CPU models to the list of vulnerable processors.
  • On 14 February 2018, Intel revealed an expanded Bug Bounty Program, offering up to $250,000 in bounty awards.

 

Some AMD PCs Got Bricked

In the rush to mitigate against Meltdown and Spectre, Microsoft released Windows 10 patches that bricked some AMD PCs. They blamed the incorrect / incomplete documentation provided by AMD.

You can read more about this issue @ These Windows 10 Updates Are Bricking AMD PCs!

 

Buggy Intel Spectre 2 Patches Updated!

Intel’s rush to patch Meltdown and Spectre resulted in buggy microcode patches, causing several generations of their CPUs to randomly and spontaneously reboot.

So far, over 800 Intel CPU models have been identified to be affected by these spontaneous reboot issues. If you have one of the affected CPUs, please hold off BIOS / firmware updates!

Intel has identified the cause as the Spectre 2 patches in their microcode updates for some of these processors. They’re still investigating the cause of the other affected CPU models.

Fortunately for Windows users, Microsoft issued the KB4078130 emergency update to stop the reboots while Intel worked to fix the issue.

You can read more about this issue @ The Intel Spectre Reboot Issue, and the Microsoft solution @ KB4078130 : Emergency Windows Update To Disable Intel Spectre Patches!

 

What Should You Do? Updated!

First and foremost – DO NOT PANIC. There is no known threat or attack using these exploits.

Although we listed a number of important patches below, the buggy updates are worse than the potential threat they try to fix. So we advise HOLDING OFF these patches, and wait for properly-tested versions a few weeks down the line.

  • If you are using Windows, make sure you install the latest Microsoft Spectre and Meltdown updates.
  • If you are using a Mac system, get the latest Apple Spectre and Meltdown patches.
  • If you are using an iOS device, get updated to iOS 11.2 or tvOS 11.2.
  • If you are using Firefox, update to the latest Firefox 57.
  • If you are using Google Chrome, make sure you watch out for Chrome 64, which will be released on 23 January.
  • Download and install the latest software firmware updates from your PC, laptop, motherboard brands. In particular, install the latest driver for the Intel Management Engine (Intel ME), the Intel Trusted Execution Engine (Intel TXE), and the Intel Server Platform Services (SPS)
  • If you are running an ARM processor on Linux, grab the kernel patches.
  • IBM POWER system users can download and install these firmware updates.
  • Users of affected NVIDIA systems can download and install these driver and firmware updates.
  • If you are using an Intel system, hold off updating your firmware, unless you have already verified that your CPU is not affected by the buggy Intel patches, or Intel has already issued corrected patches.

 

The Performance Impact Of The Mitigation Patches

Many benchmarks have been released, showing performance impacts of between 5% to 30%, depending on the type of benchmark and workload. Microsoft has called those benchmark results into question, stating that they did not cover both operating system and silicon microcode patches.

They released an initial report on their findings, which we have summarised in our article – Pre-2016 Intel CPUs Hit Worst By Meltdown + Spectre Fix.

 

Meltdown + Spectre Reading Suggestions

[adrotate group=”2″]

Go Back To > Articles | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Pre-2016 Intel CPUs Hit Worst By Meltdown + Spectre Fix

Microsoft just revealed that pre-2016 Intel CPUs will be hit worst by the Meltdown and Spectre patches. They also pointed out that the performance impact detailed in benchmarks published so far did not include both operating system and silicon updates, and are therefore, inaccurate.

Microsoft is still working on their own set of benchmarks that will look at the performance impact after both operating system and silicon updates have been applied. In the meantime, Terry Myerson, Executive Vice President of the Windows and Devices Group, shared some preliminary findings.

 

Performance Impact Of The Meltdown + Spectre Patches

According to Terry, the patches for Variant 1 (Spectre 1) and Variant 3 (Meltdown) of the speculative execution bug have minimal performance impact.

It is the Variant 2 (Spectre 2) patches, both operating system and silicon microcode, that have a significant performance impact.

Here is a summary of what Microsoft has found so far :

Windows 10 With 2016 Or Newer Intel CPUs

Intel CPU Models : Intel Skylake, Intel Kaby Lake, Intel Coffee Lake

Performance Impact : Single digit reduction in performance. Microsoft does not expect most users to notice the impact, because the percentages are “reflected in milliseconds“.

Windows 10 With Pre-2016 Intel CPUs

Intel CPU Models : Intel Broadwell, Intel Haswell, Intel Ivy Bridge, Intel Sandy Bridge, or older.

Performance Impact : Significant slowdowns in some benchmarks. Microsoft expects some users to notice the decrease in performance.

Windows 8 and Windows 7 With Pre-2016 Intel CPUs

Intel CPU Models : Intel Broadwell, Intel Haswell, Intel Ivy Bridge, Intel Sandy Bridge, or older.

Performance Impact : Significant slowdowns. Microsoft expects most users to notice the decrease in performance.

Windows Server On Any Intel CPU

Performance Impact : Significant slowdowns in any IO-intensive application.

 

Why The Difference In Performance Impact?

In the newer Intel processors (from the 2016 Skylake onwards), Intel refined the instructions used to disable branch speculation to be more specific to indirect branches. This reduces the performance impact of Spectre mitigation patches.

There is a larger performance impact with Windows 8 and Windows 7 because they have more user-kernel transitions. For example, all font rendering takes place in the kernel.

 

What Should You Do?

If you are using a newer Intel CPU like the Core i7-8700K with Windows 10, you can rest easy knowing that the performance impact of the Meltdown and Spectre patches to be minimal.

If you are using a newer Intel CPU with an older operating system like Windows 8 or Windows 7, you should consider upgrading to Windows 10. This would reduce the performance impact of the Meltdown and Spectre patches.

[adrotate group=”2″]

If you are using a pre-2016 Intel CPU with Windows 10, there is nothing much you can do except consider upgrading to a newer processor. You could possibly live with the performance impact of the Meltdown and Spectre patches.

If you are using a pre-2016 Intel CPU with an older operating system like Windows 8 or Windows 7, you can try upgrading to Windows 10 to reduce the performance impact of the Meltdown and Spectre patches.

If you are managing a Windows Server that uses Intel CPUs, you will need to balance the risk of leaving each Windows Server instance unprotected, against the significant performance impact of protecting it against Meltdown and Spectre.

 

Meltdown + Spectre Reading Suggestions

Go Back To > Articles | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!


Apple Rushed Out macOS Root Bug Fix & It Shows…

Lemi Orhan Ergin did not give Apple any forewarning when he publicly revealed the massive macOS root bug on Twitter. He basically exposed a zero-day vulnerability for hackers to use, while Apple rushed on a bug fix. The good news is Apple just issued the root bug fix in Security Update 2017-001.

This is really fast work, but it also showed their sloppiness. Hopefully, the bug fix does not introduce additional bugs!

 

macOS Security Update 2017-001

[adrotate group=”2″]

Apple released macOS Security Update 2017-001 just a day after the macOS root bug was revealed. They also gave us more information on the bug that caused so much ruckus around the world (and rightly so).

  • The bug only affected macOS High Sierra 10.13.1.
  • The bug did not affect computers running macOS Sierra 10.12.6 or earlier.
  • They confirmed that it allowed an attacker to “bypass administrator authentication without supplying the administrator’s password“.

You can get more details on the root bug in our dedicated article – The macOS High Sierra Root Bug Explained!

 

How Do I Download The Root Bug Fix?

The macOS root bug fix is now available for download via the App Store. If it doesn’t appear yet, just click on the Updates icon to refresh.

Please note that this bug fix will reset and disable the root user account.  If you need to use the root user account, you will need to re-enable it, and change its password, after applying the update.

 

Terminal Users, Watch Out!

If you’re using Terminal to update though, you may face some complications due to Apple’s sloppiness. Chai discovered that Apple accidentally used a space instead of the version number.

This is not an issue if you are downloading the patch through the App Store. But if you’re applying the patch via Terminal, you need to add a space.

softwareupdate -i “Security Update 2017-001- “

Go Back To > Articles | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!