The Spectre vulnerability still haunts Intel CPU users; Microsoft officially offers a solution
Remember Spectre and Meltdown, the two CPU vulnerabilities that have alarmed PC users around the world since they were first discovered in 2017? Variant 2 of Spectre has resurfaced in Intel CPUs, prompting Microsoft to urgently publish a guide on how to enable mitigations.
In a post on the Microsoft Security Response Center, the company said:
On April 9, 2024, we published information about the vulnerability CVE-2022-0001 | Intel Branch History Injection, which describes Branch History Injection (BHI), a specific form of intra-mode BTI. This vulnerability occurs when an attacker can manipulate branch history before switching from user mode to supervisor mode (or from VMX non-root/guest mode to root mode).
BHI is essentially a proof-of-concept attack that affects CPUs that are already vulnerable to exploitation, even with all the mitigations in place. As reported by Phoronix, this new exploit can bypass Intel's Enhanced Indirect Branch Restricted Speculation (EIBRS), or CSV2 in the case of ARM CPUs, by using the Branch History Buffer (BHB). BHI re-enables cross-privilege Spectre-v2 exploits, allows kernel-to-kernel exploits (also known as intra-mode BTI), and lets malicious actors inject predictor entries into the branch history in order to leak kernel data. As a result, arbitrary kernel memory on the targeted CPUs could be leaked, leading to the potential disclosure of confidential information, including passwords.
This means that most modern Intel CPUs from the 6th generation (Skylake) onwards can be affected by the vulnerability. In addition, many ARM core architectures, including Cortex A15, A57 and A72 as well as Neoverse V1, N1 and N2, are also at risk.
The latest guide published by Microsoft involves editing the Windows Registry, so it comes with a number of warnings that users should heed.
We are providing the following registry information to enable mitigations for this CVE.
To enable mitigation of CVE-2022-0001 on Windows devices and clients using Intel processors:
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 0x00800000 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 0x00000003 /f
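A read-only check of these two values, added here as an example and not part of Microsoft's guidance: it compares the current registry data with the values in the commands above and flags existing data that `reg add ... /f` would replace without prompting. The function name `Get-BhiRegistryState` is made up for this example.

```powershell
# Added example: audit the two registry values before or after running the reg add commands.
# Read-only; nothing is written to the registry.
$KeyPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management'

# Expected data, taken from the reg add commands in the article.
$Expected = [ordered]@{
    FeatureSettingsOverride     = 0x00800000
    FeatureSettingsOverrideMask = 0x00000003
}

# Hypothetical helper name, chosen for this example.
function Get-BhiRegistryState {
    param([string]$Path = $KeyPath)
    foreach ($name in $Expected.Keys) {
        $item = Get-ItemProperty -Path $Path -Name $name -ErrorAction SilentlyContinue
        if ($null -eq $item) {
            $shown  = '(not set)'
            $status = 'NotSet'
        } elseif ($item.$name -eq $Expected[$name]) {
            $shown  = '0x{0:X8}' -f $item.$name
            $status = 'Match'
        } else {
            # Existing data differs: reg add with /f replaces it without asking,
            # so record the old value before applying the commands.
            $shown  = '0x{0:X8}' -f $item.$name
            $status = 'Differs'
        }
        [pscustomobject]@{
            Name     = $name
            Current  = $shown
            Expected = '0x{0:X8}' -f $Expected[$name]
            Status   = $status
        }
    }
}

# The guidance quoted above is for Intel processors; warn on anything else.
$vendor = (Get-CimInstance -ClassName Win32_Processor | Select-Object -First 1).Manufacturer
if ($vendor -ne 'GenuineIntel') {
    Write-Warning "CPU vendor is '$vendor'; the commands in the article target Intel processors."
}

Get-BhiRegistryState | Format-Table -AutoSize
```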
That said, applying the mitigation may have some negative effect on system performance. You can find more detailed technical information at the source links below.
CVE-2022-0001 Branch History Injection
Branch History Injection and Intra-mode Branch Target Injection (Intel)