Processors
Intel® Processors, Tools, and Utilities
14403 Discussions

Mitigating the last "L1 terminal fault" vulnerabilities - possible or not?

MDib
New Contributor II
2,205 Views

Hello,

So I have a 8700K and MSI Z370 with the last BIOS (and also the last, and necessary microcode update - see picture). I have installed the OS patch (Windows 10 x64). Yet the PC is still vulnerable, I can't figure why.

This is from the perspective of a normal Windows 10 user, i.e. client side, no Hyper-X, no SGX (not even installed that as there's no use to it unless you develop stuff, from what I've heard).

What I tried:

- turning off Hyperthreading - no effect (was suggested as necessary if using Virtualization-Based Security - mine shows as Disabled in msinfo, still gave it a shot)

- manually enabling SSBD mitigations - that changed the SSBDWindowsSupportEnabledSystemWide flag to True, as expected. Sadly L1TFHardwareVulnerable is also remaining True...

Intel (and Microsoft) are saying that the microcode necessary for L1TF is the same required for SSBD:

Are there mitigations in place?

Yes. The microcode updates released earlier this year when coupled with operating system and hypervisor software updates available now from our industry partners, ensure consumers, IT professionals and cloud service providers have access to the protections they need.

The required microcode is the same microcode that addresses CVE-2018-3639 and CVE-2018-3640.

The last 8700K microcode is Rev 0x96 (see picture as well).

So all the pieces should fall into place, yet they don't. The PC is still found as vulnerable. So... what could be the issue here?

Thanks!

0 Kudos
7 Replies
KenF_Intel
Moderator
1,208 Views

Hi Muad Dib,

First, great name. I'm a huge Dune fan.

Now to your question. This page from Microsoft explains the output of Get-SpeculationControlSettings: https://support.microsoft.com/en-us/help/4074629/understanding-the-output-of-get-speculationcontrolsettings-powershell https://support.microsoft.com/en-us/help/4074629/understanding-the-output-of-get-speculationcontrolsettings-powershell . My understanding of the output actually confirms that you have the correct mitigations in place, but I will confirm this with our engineering team.

Just so there is no misunderstanding, please clarify which part of the output is leading you to believe you are still vulnerable.

Lastly, you might want to pose the same question on a Microsoft forum since this is their script. They might be able to provide a more timely response.

MDib
New Contributor II
1,208 Views

Yeah I posted on the Microsoft Answers site as well, I know it's something that depends on them more than it depends on you.

Turn out they decided for some reason to change the way this vulnerability and its mitigations are detected. Now if your hardware is vulnerable, it stays like that even after all mitigations are in place, which is confusing and dumb if that's the case.

Full answer:

The post here may help explain how to interpret what "hardware is vulnerable to L1 terminal fault" means: https://support.microsoft.com/en-us/help/4074629/understanding-the-output-of-get-speculationcontrolsettings-powershell https://support.microsoft.com/en-us/help/4074629/understanding-the-output-of-get-speculationcontrolsettings-powershell

In short, this line will always report as True if the hardware is believed to be vulnerable to L1 terminal fault, even if the mitigation is enabled. The important part is the line that refers to "L1 terminal fault mitigation is enabled", which in your screenshot reports as True. This indicates that the mitigation is enabled and that this device is protected from CVE-2018-3620.

Hope that helps,

Matt Miller

Microsoft Security Response Center

Would be great if you would get a confirmation from Intel engineers as well.

Oh and the part that is confusing is this below. I think that once you're all patched you should not be told your hardware is vulnerable, makes no sense.

Hardware is vulnerable to L1 terminal fault: TrueMaps to L1TFHardwareVulnerable. This line tells you if the hardware is vulnerable to L1 Terminal Fault (L1TF, CVE-2018-3620). If it is True, the hardware is believed to be vulnerable to CVE-2018-3620. If it is False, the hardware is known to not be vulnerable to CVE-2018-3620.

Thanks.

PS: Frank Herbert was a genius, I find it really hard to say I'm a fan of anything, but Frank Herbert's Dune and Isaac Asimov's Foundation series are worth that. I'm sure they would love seeing how humanity continues to innovate and improve technology at a rate that it's pure insanity.

0 Kudos
idata
Employee
1,208 Views

Thanks for the update. I'll continue checking with engineering but that's pretty much what I expected.

 

 

I agree it's a confusing way to communicate the status. Maybe we will get something better down the road.

 

 

Agree on Asimov. I can't count the number of times I've read the original Foundation series. Plus all his other stuff (Pebble in the Sky, The Currents of Space etc., all the short stories).
0 Kudos
MGorb1
New Contributor I
1,208 Views

I think that this description is correct because these CPU vulnerabilities cannot be patched by microcode.

Microcode updates only expose/create mechanism to help an OS mitigate the problem.

0 Kudos
idata
Employee
1,208 Views

Hello t0yz

 

 

Thank you for joining the community.

 

 

I see that you are having concerns about the L1 Terminal Fault, allow me to help with your inquiries.

 

 

I would like to share with you the following link for information available about the L1 Terminal Fault :

 

 

https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html

 

 

Hope his help.

 

 

Regards,

 

Leonardo C.

 

idata
Employee
1,208 Views

Hello t0yz

 

 

I was checking your case and would like to know if you need further help. If so, please do not hesitate in replying back.

 

 

Regards,

 

Leonardo C.

 

MDib
New Contributor II
1,208 Views

It's all good/issue solved, I think, just an odd formulation of that output.

From the Speculation Control Validation PowerShell Script page:

The picture shows that you have an affected processor (hardware is vulnerable), not that you haven't patched it. I can see how that could be confusing, will see if we can make that more clear. If you go to the table that explains the different lines, you will see that vulnerable doesn't take into consideration whether you have the latest microcode or not. https://support.microsoft.com/en-us/help/4074629/understanding-the-output-of-get-speculationcontrolsettings-powershell We wouldn't say that hardware is not vulnerable if you have the latest microcode because the hardware is still vulnerable. The microcode does not make it "not vulnerable". For example, you are still vulnerable to the Kernel attack vector (CVE-2018-3620) if you have updated microcode but haven't gotten the Windows updates. Hope this helps.

Problem is, I applied the OS updates as well, on a platform with the required microcode, so my expectation was to see that what was once vulnerable is no longer.

But all that matters was the "I can see how that could be confusing, will see if we can make that more clear." part. I'm already happy that this process is transparent and we have tools to check our PC's status. It's not ideal that this whole thing happened, but mistakes do happen. Also marked a correct answer, although there were more, but that's a forum limitation, so not much I can do.

Reply