Patch, or disable HT, now.
Intel has warned of a quartet of serious security vulnerabilities in processors going back more than a decade, dubbed Microarchitecture Data Sampling (MDS) by Intel and RIDL, Fallout, and ZombieLoad by the researchers which discovered them.
The growing complexity of modern microprocessors coupled with the constant need to showcase improved performance with each generation finally came to a head early last year with the discovery of Meltdown and Spectre, two hardware vulnerabilities which allowed unprivileged processes to infer the contents of protected memory – effectively allowing any program running on an affected computer to read data including passwords and security certificate keys. While some of the vulnerabilities exploited by Spectre and Meltdown affected processors from AMD and Arm, the majority targeted flaws in Intel’s processors – and were followed by mitigation patches which sapped performance and outright crashed systems. While Intel eventually rolled out stable fixes, though still with measurable performance impacts in many cases, it has since been fighting a string of similar vulnerabilities including Spectre Next Generation, Spectre 4, Spectre 1.1 and 1.2, SpectreRSB, NetSpectre, and more. Meltdown and Spectremitigation patches which sapped performanceoutright crashed systemsSpectre Next GenerationSpectre 4Spectre 1.
