Windows 10: Mitigating speculative execution side-channel attacks in Edge and IE11

Brink · Jan 3, 2018

Today, Google Project Zero published details of a class of vulnerabilities which can be exploited by speculative execution side-channel attacks. These techniques can be used via JavaScript code running in the browser, which may allow attackers to gain access to memory in the attacker’s process.

Microsoft has issued security updates (KB4056890) with mitigations for this class of attacks. As part of these updates, we are making changes to the behavior of supported versions of Microsoft Edge and Internet Explorer 11 to mitigate the ability to successfully read memory through this new class of side-channel attacks.

Initially, we are removing support for SharedArrayBuffer from Microsoft Edge (originally introduced in the Windows 10 Fall Creators Update), and reducing the resolution of performance.now() in Microsoft Edge and Internet Explorer from 5 microseconds to 20 microseconds, with variable jitter of up to an additional 20 microseconds. These two changes substantially increase the difficulty of successfully inferring the content of the CPU cache from a browser process.

We will continue to evaluate the impact of the CPU vulnerabilities published today, and introduce additional mitigations accordingly in future servicing releases. We will re-evaluate SharedArrayBuffer for a future release once we are confident it cannot be used as part of a successful attack.

— John Hazen, Principal PM Lead, Microsoft Edge
Click to expand...

Source: Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer - Microsoft Edge Dev Blog

See also update: Cumulative Update KB4056892 Windows 10 v1709 Build 16299.192 - Windows 10 Forums

:)

Darlene Hamilton · Jan 3, 2018

Windows 10 we cannot connect to the update service

Apparently the problem is solved. It seemed to be "cured" by a Windows Update since then. I tried to manually update, and got that to work once (finding the update site was almost an exercise in futility, but I finally managed.) At least I assume it was
a later update. I singed on and did not observe the problem any more. I DO say that I've had to "re-register" Spotlight several times since the first update problem appeared, but even that seems to have worked itself out.

So, yes; it looks good, now, but I have no idea what the cause was.
Click to expand...

PLEASE READ :

Microsoft Security Advisory:
MSRC ADV180002

Intel:
Security Advisory

ARM:
Security Advisory

AMD:
Security Advisory

NVIDIA:
Security Advisory

Microsoft Secure blog:
Understanding the Performance Impact of Spectre and Meltdown Mitigations on Windows Systems

Windows for Business blog:
Windows Analytics now helps assess Meltdown and Spectre protections

Consumer Guidance:
Protecting your device against chip-related security vulnerabilities

Antivirus Guidance:
Windows security updates released January 3, 2018, and antivirus software

Guidance for AMD Windows OS security update block:
KB4073707: Windows operating system security update block for some AMD based devices

Update to Disable Mitigation against Spectre, Variant 2:
KB4078130: Intel has identified reboot issues with microcode on some older processors

Surface Guidance:
Surface Guidance to protect against speculative execution side-channel vulnerabilities

IT Pro Guidance:
Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities

Edge Developer Blog:
Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer

Server Guidance:
Windows Server guidance to protect against speculative execution side-channel vulnerabilities

Server Hyper-V Guidance

Virtual Machine Resource Controls

Hyper-V Host CPU Resource Management

Azure Blog:
Securing Azure customers from CPU vulnerability

Azure KB:
KB4073235: Microsoft Cloud Protections Against Speculative Execution Side-Channel Vulnerabilities

Azure Stack guidance:
KB4073418: Azure stack guidance to protect against the speculative execution side-channel vulnerabilities

SQL Server guidance:
KB4073225: SQL Server Guidance to protect against speculative execution side-channel vulnerabilities

SCCM guidance:
Additional guidance to mitigate speculative execution side-channel vulnerabilities

Rey Cam · Jan 3, 2018

Windows 10 stutters / lag when opening UWP apps

Below is the official Microsoft statement on this issue.

“We’re aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers. We are in the process of deploying
mitigations to cloud services and are releasing security updates todayto protect Windows
customers against vulnerabilities affecting supported hardware chips from Intel, ARM, and AMD. We have not received any information to indicate that these vulnerabilities had been used to attack our customers.”

Microsoft is aware of a new publicly disclosed class of vulnerabilities referred to as "speculative execution side-channel attacks" that affects many modern processors and operating systems including Intel, AMD,
and ARM.

To address these issues, Microsoft has worked in partnership with the hardware industry to develop mitigations and guidance.

Your understanding is highly appreciated.

Windows 10: Mitigating speculative execution side-channel attacks in Edge and IE11

Mitigating speculative execution side-channel attacks in Edge and IE11

Mitigating speculative execution side-channel attacks in Edge and IE11

Mitigating speculative execution side-channel attacks in Edge and IE11 - Similar Threads - Mitigating speculative execution

Microsoft CVE-2017-5715: Guidance to mitigate speculative execution side-channel...

Dictionary attack mitigation triggered

Dictionary attack mitigation triggered

Windows Sandbox and Intel CPU Speculative side channel vulnerabilities

Q3 2018 Intel Speculative Execution Side Channel Update

Surface Guidance for speculative execution side-channel vulnerability

New Speculative Execution Side-Channel Vunerability (Variant 4)

Mitigating arbitrary native code execution in Microsoft Edge

Mitigating speculative execution side channel hardware vulnerabilities