Awaiting a "fix" from MSFT...
No mention of other systems though... are BSD, Linux, OSX etc. typically vulnerable? What about security-orientated OSs like Qubes? Passing reference to "cloud" so can Xen be pwned/escaped from within a browser?
Security researchers have discovered a means to use previously unknown vulnerabilities found in in-memory deduplication to attack otherwise well-defended systems. The well-known standard compression technique, which is ubiquitous as a way of reducing the memory footprint across virtual machines, is also a by-default feature …
Steady on Hans! I did mention BSD - but it's really just a more security-conscious general purpose OS - not playing in the same league of security obsession as Qubes (or Whonix and whatnot...).
The report does state:
"On Linux, memory deduplication is known as kernel same page merging (KSM). The implementation operates differently compared to Windows, combining both scanning and merging operations in periodic and incremental passes over physical memory"
...but doesn't give an obvious statement on whether or not that's a good thing as far as this attack is concerned. Still reading...
Edit: Not sure why asking a question would earn us each a downvote... Has RICHTO stopped to pay us his respects?
This isn't a Microsoft problem; this is a computer theory problem (there are many of these) which can be alleviated by the operating system. In this case, the problem is how memory itself is deduped, stored and secured.
It's likely other operating systems will find the same or similar problems since all use deduplication to handle data. Not only in memory, but on permanent storage media as well. Pointers instead of duplicate information are used all over the place to save time and space.
It seems that "KSM" (Kernel Samepage Merging) is typically disabled by default on Linux distros. It's enabled and tuned by a package called... somewhat unsurprisingly... "ksmtuned"
You can check with:
"1" being "enabled" and "0" "disabled" - obviously.
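To put a concrete command behind that check, here is an added example script (mine, not the commenter's and not from the article): it reads the KSM knobs the Linux kernel documents under /sys/kernel/mm/ksm/, where "run" holds the 0/1 value the comment refers to and "pages_sharing" counts the virtual pages currently pointed at one shared physical page. The directory argument is an assumption added so the functions can be pointed at a constructed copy of those files on a machine without KSM.

```shell
#!/bin/sh
# Added example, not from the thread: inspect and switch off Linux KSM via
# the sysfs knobs in /sys/kernel/mm/ksm/. The directory is a parameter
# (assumption for testing) that defaults to the real sysfs path.

# Print one word describing the "run" knob:
#   0 = ksmd stopped (the usual distro default), 1 = ksmd merging pages,
#   2 = stop ksmd and unmerge every page it previously merged.
ksm_state() {
    dir="${1:-/sys/kernel/mm/ksm}"
    if [ ! -r "$dir/run" ]; then
        # No knob at all: kernel built without CONFIG_KSM, or not Linux.
        echo absent
        return 0
    fi
    case "$(cat "$dir/run")" in
        0) echo disabled ;;
        1) echo enabled ;;
        2) echo unmerging ;;
        *) echo unknown ;;
    esac
}

# Number of virtual pages currently deduplicated onto a shared physical
# page; a non-zero value means merged pages exist right now.
ksm_pages_sharing() {
    dir="${1:-/sys/kernel/mm/ksm}"
    if [ -r "$dir/pages_sharing" ]; then
        cat "$dir/pages_sharing"
    else
        echo 0
    fi
}

# Stop ksmd and break up already-merged pages (needs root on a real box):
# writing 2 unmerges everything, writing 0 afterwards leaves ksmd stopped.
ksm_disable() {
    dir="${1:-/sys/kernel/mm/ksm}"
    [ -w "$dir/run" ] || return 1
    echo 2 > "$dir/run"
    echo 0 > "$dir/run"
}

# Stand-alone usage: report the live system.
printf 'KSM: %s, pages_sharing=%s\n' "$(ksm_state)" "$(ksm_pages_sharing)"
```

On a box where ksmtuned is active you would expect "enabled" with a growing pages_sharing count; "absent" just means the kernel has no KSM support compiled in, which is a different thing from KSM being turned off.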
Because it's A LOT faster and allows more uniformity.
Unless you want to go back to the coding days where you really had to worry about where things were put into memory to ensure there were no conflicts. Manual memory management was a pain in the arse when most programs were less than 512K. Now programs require gigs of memory, it would take forever just to get it out the door by a team of people dedicated to it. Even then, you'd gripe because you'll use a program only to find it conflicts with another, and crashes. ...and if you think memory leaks are bad now. HA!
Again I say, half the people who post are below average intelligence... but it's probably a lot higher when it comes to knowledge of computer theory.
Newer languages and software architectures are an utter catastrophe when it comes to memory use & management. For no added value except overly "architectured" code and runtimes for... nearly zero gains (except trashing CPU caches by mis-aligning objects in memory and useless context switches). THAT'S why new software needs gigs of RAM.
You may be naïve thinking all this "progress" happens for the greater good. Mister commentard, it is an industry with some of the most important issues on Earth (millions of billions of $, strategic information dominance, industry/military intelligence, ...) and it certainly is a filthy one.
Hard & soft.
It's a hardware feature/flaw (depending on your point of view) optionally activated by the kernel (or hypervisor) and handled differently by different kernels - potentially with differing ramifications as a result... As far as I can tell so far.
A more comprehensive list of systems which enable it by default would have been nice. Not just the list of M$ systems which enable it (8.1 & X) but it does seem to be off by default on most Linux distros.
"Rowhammer involves rapidly writing and rewriting memory to force capacitor errors in DRAM that can then be exploited to gain control of the system." Imagine that a "capacitor error" is an actual fire, as one might find if the attack conduit is a Smart Meter, and the "memory" is simply the On/Off of a device in its network.
Biting the hand that feeds IT © 1998–2019