After so many patches: a flaw discovered 6 years ago still threatens our systems.
About 6 years ago, vulnerabilities affecting most Intel and AMD processors were discovered. These defects, known as Spectre and Meltdown, can be used to steal sensitive data from compromised systems.
In March 2022, Intel released an update for one of the Spectre variants. In response, Microsoft has implemented appropriate security measures in the client and server versions of Windows. However, as it turns out, these measures are disabled by default, probably due to the negative impact on performance.
On its MSRC (Microsoft Security Response Center) portal, Microsoft writes:
"On April 9, 2024, we published a description of the CVE vulnerability-2022-0001 | Intel Branch History Injection, which is a type of inter-mode BTI vulnerability.
An attacker can manipulate the branch history before switching from user mode to privileged mode (or from non-privileged VMX mode to privileged mode). In this way, you can force the indirect branch predictor to select a specific entry in the indirect branch. As a result, the transient disclosure code will be executed in the predicted target. This is possible because the transition history may contain branches executed earlier, including in other predictor modes."
Thus, the Spectre vulnerability allows exploiting features of processors that use branch prediction or speculative execution mechanisms. It also helps you bypass hardware protections such as Enhanced Indirect Branch Restricted Specification (EIBRS) (or similar tools for ARM processors known as CSV2). This uses a Branch History Buffer (BHB), which is why the second version of Spectre is also called Specter-BHB, Branch History Injection (BHI), or Branch Target Injection (BTI).
To find out if your processor is at risk, follow these steps::
1. Open "Start" > "Settings" > "System" > "About" and check the specified processor.
2. Open sites Nist.gov and Intel's Affected Processors and find information about your processor there.
If your processor is listed as vulnerable, you can enable security measures by following these steps::
1. Open Start, type CMD, and run the command prompt as an administrator.
2. Confirm the UAC request by selecting "Yes".
3. Run two commands:
4. Restart your computer after adding the registry keys.
It is worth noting once again that security measures can affect performance, so we recommend that you carefully monitor the system after applying them.
For Linux users, Microsoft suggests using the "spectre_bhi=on" option on the kernel command line.
Important: Before applying the settings, it is extremely important to make a full backup of the system disk, and not rely on the built-in Windows backup tools that are not designed for this purpose.
While it is vital for organizations to implement security measures, the risk of such attacks is relatively low for ordinary users.
About 6 years ago, vulnerabilities affecting most Intel and AMD processors were discovered. These defects, known as Spectre and Meltdown, can be used to steal sensitive data from compromised systems.
In March 2022, Intel released an update for one of the Spectre variants. In response, Microsoft has implemented appropriate security measures in the client and server versions of Windows. However, as it turns out, these measures are disabled by default, probably due to the negative impact on performance.
On its MSRC (Microsoft Security Response Center) portal, Microsoft writes:
"On April 9, 2024, we published a description of the CVE vulnerability-2022-0001 | Intel Branch History Injection, which is a type of inter-mode BTI vulnerability.
An attacker can manipulate the branch history before switching from user mode to privileged mode (or from non-privileged VMX mode to privileged mode). In this way, you can force the indirect branch predictor to select a specific entry in the indirect branch. As a result, the transient disclosure code will be executed in the predicted target. This is possible because the transition history may contain branches executed earlier, including in other predictor modes."
Thus, the Spectre vulnerability allows exploiting features of processors that use branch prediction or speculative execution mechanisms. It also helps you bypass hardware protections such as Enhanced Indirect Branch Restricted Specification (EIBRS) (or similar tools for ARM processors known as CSV2). This uses a Branch History Buffer (BHB), which is why the second version of Spectre is also called Specter-BHB, Branch History Injection (BHI), or Branch Target Injection (BTI).
To find out if your processor is at risk, follow these steps::
1. Open "Start" > "Settings" > "System" > "About" and check the specified processor.
2. Open sites Nist.gov and Intel's Affected Processors and find information about your processor there.
If your processor is listed as vulnerable, you can enable security measures by following these steps::
1. Open Start, type CMD, and run the command prompt as an administrator.
2. Confirm the UAC request by selecting "Yes".
3. Run two commands:
- reg add «HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management» /v FeatureSettingsOverride /t REG_DWORD /d 0x00800000 /f
- reg add «HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management» /v FeatureSettingsOverrideMask /t REG_DWORD /d 0x00000003 /f
4. Restart your computer after adding the registry keys.
It is worth noting once again that security measures can affect performance, so we recommend that you carefully monitor the system after applying them.
For Linux users, Microsoft suggests using the "spectre_bhi=on" option on the kernel command line.
Important: Before applying the settings, it is extremely important to make a full backup of the system disk, and not rely on the built-in Windows backup tools that are not designed for this purpose.
While it is vital for organizations to implement security measures, the risk of such attacks is relatively low for ordinary users.
