05-15-2019, 11:26 PM
https://www.techpowerup.com/255537/amd-c...rabilities
https://www.techpowerup.com/255534/intel...mitigation
https://www.tomshardware.com/news/disabl...39348.html
https://www.techpowerup.com/255545/intel...-on-may-14
Quote:AMD in a statement confirmed that its processors are unaffected by the RIDL (Rogue In-Flight Data Load) and Fallout vulnerabilities. The company however worded its statement in CYA language, just to be safe. "...we believe our products are not susceptible to 'Fallout' or 'RIDL' because of the hardware protection checks in our architecture. We have not been able to demonstrate these exploits on AMD products and are unaware of others having done so," reads the AMD statement put out late Tuesday (14th May).
https://www.techpowerup.com/255534/intel...mitigation
Quote:Intel Tuesday once again shook the IT world by disclosing severe microarchitecture-level security vulnerabilities affecting its processors. The Microarchitectural Data Sampling (MDS) class of vulnerabilities affect Intel CPU architectures older than "Coffee Lake" to a greater extent. Among other forms of mitigation software patches, Intel is recommending that users disable HyperThreading technology (HTT), Intel's simultaneous multithreading (SMT) implementation. This would significantly deplete multi-threaded performance on older processors with lower core-counts, particularly Core i3 2-core/4-thread chips.
On "safer" microarchitectures such as "Coffee Lake," though, Intel is expecting a minimal impact of software patches, and doesn't see any negative impact of disabling HTT. This may have something to do with the 50-100 percent increased core-counts with the 8th and 9th generations. The company put out a selection of benchmarks relevant to client and enterprise (data-center) use-cases. On the client use-case that's we're more interested in, a Core i9-9900K machine with software mitigation and HTT disabled is negligibly slower (within 2 percent) of a machine without mitigation and HTT enabled. Intel's selection of benchmarks include SYSMark 2014 SE, WebXprt 3, SPECInt rate base (1 copy and n copies), and 3DMark "Skydiver" with the chip's integrated UHD 630 graphics. Comparing machines with mitigations applied but toggling HTT presents a slightly different story.
https://www.tomshardware.com/news/disabl...39348.html
Quote:Apple has joined Google in advising customers to disable Intel CPUs' Hyper-Threading feature. This drastic measure is supposed to defend against Microarchitectural Data Sampling (MDS) issues that Intel disclosed on Monday. Apple warned, however, that defending against those vulnerabilities by disabling Hyper-Threading "may have a significant impact on the performance" of the system in question.
The MDS security vulnerabilities are present in nearly every modern Intel processor. Intel released updates to help protect affected systems, but those updates might not be enough to protect them, which is why Apple and Google have told customers to disable Hyper-Threading. Intel told us on Tuesday that most people won't have to disable Hyper-Threading; it depends on each individual's security requirements.
So just how significant of a performance impact can Apple customers expect if they disable Hyper-Threading?
"Testing conducted by Apple in May 2019 showed as much as a 40 percent reduction in performance with tests that include multithreaded workloads and public benchmarks," the company said. That's based on the company's test systems, though, and the actual impact will vary between devices.
Nobody wants their MacBook to be half as fast as it was before these mitigations were revealed. Because there isn't a known exploit involving the MDS flaws, these performance drops could be enough to convince many people not to defend their systems. It's pretty much like Intel said yesterday: everyone will have to decide for themselves if the improved security outweighs the dramatic performance impact.
https://www.techpowerup.com/255545/intel...-on-may-14
Quote:Intel released CPU microcode updates to address four new security vulnerabilities disclosed by the company on May 14, 2019. These microcode updates can be encapsulated as motherboard UEFI firmware updates, and for some processors even distributed through Windows Update. In its Microcode Revision Guidance document put out on Tuesday, Intel revealed that all Core and Xeon processors going as far as the 2nd generation Core "Sandy Bridge" architecture are eligible for microcode updates.

