New Flaw in Intel CPUs – Lazy FP State Restore

Windows Articles

How to Install APK file on Android

Hello Friends! Today we bring you a simple guide on how to install an APK file in Android. What...

How to Install the Latest version of FFmpeg on Ubuntu 20.04 / Debian 10?

Knowing how to install the latest version of FFmpeg is important if you know how to work with multimedia files. So in...

How to block emails from specific senders in Outlook

Hello, how are you? Today we will talk a little about Microsoft Outlook. It is well known that its main function is...

How to Block a phone number on Android

Hello friends. In this post, we will show you how to block a phone number on Android. Have you ever wondered how...

How to install Java 15 on CentOS 8 / CentOS 7

Recently Java 15 has been released with interesting new features in the accounting field and introducing many security patches. In spite of...
Mel Khamlichi
Mel Khamlichihttp://www.osradar.com
Founder of Osradar, from Amsterdam Netherlands

Processor is the most important of all the hardware components of any computer as it manages all the tasks and enables us performing all the actions, like you’re reading this post. Recently, security researchers identified a brand new vulnerability in Intel CPUs called “Lazy FP State Restore”. At first, there was the Meltdown and Spectre with different strong variants. Now this! Intel is surely having hard time.

The vulnerability affects all the Intel CPUs of the Core-based series, according to Intel’s official statement. The horrible thing is, it’s present physically inside the processors, meaning that any operating running on any Intel Core-based CPU will be vulnerable to the attack.

What is Lazy FPU context switching?

At first, let’s talk about the vulnerable section of the CPU. Lazy FPU context switching is a performance optimization feature. It’s responsible for saving and restoring the FPU (Floating Point Unit) registers. These registers hold the floating point numbers and allows access to those whenever necessary.

Now, the bug here is physical. The physical bug in the CPU allows other processes to sneak into these registers along with their data.

The problem is, these numbers are necessary for various important tasks like cryptographic equations. Thus, a hacker may be able to sniff out numbers from these registers to crack an encryption key. The next moment, everything else will be gone.

The scope of the vulnerability

Despite it’s a major CPU bug in the processors, it’s not executable using a web browser. That makes this vulnerability less effective than the Meltdown. Meltdown is preventable with operating system patches in cost of performance.

Rumors about the bug

Before the vulnerability was officially disclosed, there were rumors about it since DragonflyBSD and OpenBSD released notices about patches that would fix this vulnerability. The notice was a strong indication that there was something wrong with the FPU registers in Intel’s processors.

Thankfully, this bug is preventable without changing the existing microcode. That’s a big relief for Intel whereas vendors are working for fixing the issue with future patches.

Here is a list of all the official statements of different vendors.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to Install APK file on Android

Hello Friends! Today we bring you a simple guide on how to install an APK file in Android. What...

How to Install the Latest version of FFmpeg on Ubuntu 20.04 / Debian 10?

Knowing how to install the latest version of FFmpeg is important if you know how to work with multimedia files. So in...

How to block emails from specific senders in Outlook

Hello, how are you? Today we will talk a little about Microsoft Outlook. It is well known that its main function is...

How to Block a phone number on Android

Hello friends. In this post, we will show you how to block a phone number on Android. Have you ever wondered how...

How to install Java 15 on CentOS 8 / CentOS 7

Recently Java 15 has been released with interesting new features in the accounting field and introducing many security patches. In spite of...
x