• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

"Downfall" Intel CPU Vulnerability Can Impact Performance By 50%

Joined
Apr 6, 2021
Messages
1,131 (0.83/day)
Location
Bavaria ⌬ Germany
System Name ✨ Lenovo M700 [Tiny]
Cooling ⚠️ 78,08% N² ⌬ 20,95% O² ⌬ 0,93% Ar ⌬ 0,04% CO²
Audio Device(s) ◐◑ AKG K702 ⌬ FiiO E10K Olympus 2
Mouse ✌️ Corsair M65 RGB Elite [Black] ⌬ Endgame Gear MPC-890 Cordura
Keyboard ⌨ Turtle Beach Impact 500
Exactly. But they're also NOT clairvoyant. There are times when it is impossible to see a problem coming until it's already behind you.

They could bigly reduce such "unforeseen consequences" with proper QA. ;) But they're doing the exact opposite, cutting corners wherever they can to increase profits for shareholders. Just look at all the late scandals, not only in tech. Food safety, drug safety, finance, you name it. And when stuff gets public they all act surprised. On top governments let them way too easy of the hook "to protect jobs", which kinda encourages them to not change a thing.



Also it's not surprising that tech security flaws stay undetected for soo long. There are not many people on the planet who actually have a understanding for the tech, and those who do work either for the tech companies, the GOV or bad actors. And none of them are interested in making security flaws public, two of them even abuse them. That's why most security flaws are reported by private researchers.
 
Joined
Sep 1, 2020
Messages
2,393 (1.52/day)
Location
Bulgaria
It affects too many generations to seem like a "monthly cycle". It still looks to me like a materialized intention to retire these generations at some moment and force customers to buy newer ones. :(
 
Joined
Oct 27, 2009
Messages
1,190 (0.21/day)
Location
Republic of Texas
System Name [H]arbringer
Processor 4x 61XX ES @3.5Ghz (48cores)
Motherboard SM GL
Cooling 3x xspc rx360, rx240, 4x DT G34 snipers, D5 pump.
Memory 16x gskill DDR3 1600 cas6 2gb
Video Card(s) blah bigadv folder no gfx needed
Storage 32GB Sammy SSD
Display(s) headless
Case Xigmatek Elysium (whats left of it)
Audio Device(s) yawn
Power Supply Antec 1200w HCP
Software Ubuntu 10.10
Benchmark Scores http://valid.canardpc.com/show_oc.php?id=1780855 http://www.hwbot.org/submission/2158678 http://ww
Downfall also relies on SMT as the attacker should be running on the same core as the victim. These cloud providers should stop running programs from different customers on the same cores.
It's not just a different customer issue, its a about pivoting from a useless VM of one customer to a more useful VM of the same customer. Being able to pivot across VMs is highly useful for a hacker "going deep" (shrugs)
 
Joined
May 9, 2012
Messages
8,545 (1.85/day)
Location
Ovronnaz, Wallis, Switzerland
System Name main/SFFHTPCARGH!(tm)/Xiaomi Mi TV Stick/Samsung Galaxy S23/Ally
Processor Ryzen 7 5800X3D/i7-3770/S905X/Snapdragon 8 Gen 2/Ryzen Z1 Extreme
Motherboard MSI MAG B550 Tomahawk/HP SFF Q77 Express/uh?/uh?/Asus
Cooling Enermax ETS-T50 Axe aRGB /basic HP HSF /errr.../oh! liqui..wait, no:sizable vapor chamber/a nice one
Memory 64gb DDR4 3600/8gb DDR3 1600/2gbLPDDR3/8gbLPDDR5x/16gb(10 sys)LPDDR5 6400
Video Card(s) Hellhound Spectral White RX 7900 XTX 24gb/GT 730/Mali 450MP5/Adreno 740/Radeon 780M 6gb LPDDR5
Storage 250gb870EVO/500gb860EVO/2tbSandisk/NVMe2tb+1tb/4tbextreme V2/1TB Arion/500gb/8gb/256gb/4tb SN850X
Display(s) X58222 32" 2880x1620/32"FHDTV/273E3LHSB 27" 1920x1080/6.67"/AMOLED 2X panel FHD+120hz/7" FHD 120hz
Case Cougar Panzer Max/Elite 8300 SFF/None/Gorilla Glass Victus 2/front-stock back-JSAUX RGB transparent
Audio Device(s) Logi Z333/SB Audigy RX/HDMI/HDMI/Dolby Atmos/KZ x HBB PR2/Moondrop Chu II + TRN BT20S
Power Supply Chieftec Proton BDF-1000C /HP 240w/12v 1.5A/USAMS GAN PD 33w/USAMS GAN 100w
Mouse Speedlink Sovos Vertical-Asus ROG Spatha-Logi Ergo M575/Xiaomi XMRM-006/touch/touch
Keyboard Endorfy Thock 75%/Lofree Edge/none/touch/virtual
VR HMD Medion Erazer
Software Win10 64/Win8.1 64/Android TV 8.1/Android 14/Win11 64
Benchmark Scores bench...mark? i do leave mark on bench sometime, to remember which one is the most comfortable. :o
But regardless, I'm not sure if this is an odd thought.. but I can't shake the feeling sometimes that Intel purposely cuts corners to increase performance while increasing security vulnerabilities...
i wrote that, since first vulnerability and first mitigation patch :laugh: "another "improvement" that made Intel the top dog turned out to be a vulerability?" :laugh:

well AMD also have some of their own ofc ... but still ...
 
Joined
Jun 29, 2018
Messages
542 (0.23/day)
Downfall also relies on SMT as the attacker should be running on the same core as the victim.
It does not rely on SMT since it works with just context-switching. Disabling SMT is not a mitigation for this vulnerability, from the paper:
Disabling SMT, i.e., hyperthreading can partially mitigate GDS and GVI attacks in exchange for losing performance. A computer with hyperthreading is 30% faster than an identical system [7], which makes disabling SMT expensive for customers. Besides, it does not prevent data leaks across context switching.
 
Joined
Jan 14, 2019
Messages
12,571 (5.80/day)
Location
Midlands, UK
System Name Nebulon B
Processor AMD Ryzen 7 7800X3D
Motherboard MSi PRO B650M-A WiFi
Cooling be quiet! Dark Rock 4
Memory 2x 24 GB Corsair Vengeance DDR5-4800
Video Card(s) AMD Radeon RX 6750 XT 12 GB
Storage 2 TB Corsair MP600 GS, 2 TB Corsair MP600 R2
Display(s) Dell S3422DWG, 7" Waveshare touchscreen
Case Kolink Citadel Mesh black
Audio Device(s) Logitech Z333 2.1 speakers, AKG Y50 headphones
Power Supply Seasonic Prime GX-750
Mouse Logitech MX Master 2S
Keyboard Logitech G413 SE
Software Bazzite (Fedora Linux) KDE
How does one get the microcode update?
 

Mussels

Freshwater Moderator
Joined
Oct 6, 2004
Messages
58,413 (7.91/day)
Location
Oystralia
System Name Rainbow Sparkles (Power efficient, <350W gaming load)
Processor Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard Asus x570-F (BIOS Modded)
Cooling Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory 2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s) Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage 2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s) Phillips 32 32M1N5800A (4k144), LG 32" (4K60) | Gigabyte G32QC (2k165) | Phillips 328m6fjrmb (2K144)
Case Fractal Design R6
Audio Device(s) Logitech G560 | Corsair Void pro RGB |Blue Yeti mic
Power Supply Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse Logitech G Pro wireless + Steelseries Prisma XL
Keyboard Razer Huntsman TE ( Sexy white keycaps)
VR HMD Oculus Rift S + Quest 2
Software Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores Nyooom.
These level of attacks are like those early point and click adventure games



You have to take the dog for a walk, find a stick, throw the stick, have the dog get stung by a bee so the dog runs into a lady with an umbrella who throws the umbrella that gets caught in a gust of wind and flies off to impale a pigeon flying nearby that lands on a mans lap, so he throws his briefcase right as he unlocked it and it goes past your eyes so you can get a glimpse of the contents in the reflection of the poop from the pigeon on your shoe.

Or like with ChatGPT where it wouldnt tell you certain forbidden things, but you could ask it to tell you a story about it while pretending to be your grandmother telling a bedtime story and it bypassed the security check - sometimes you just can't predict these things in advance and fixing them could break a thousand other things, or create even worse vulnerabilities.



So many of these attacks tie into SMT/hyperthreading, makes me wonder if that'll die off with E/C cores now.
 
Joined
Jun 29, 2018
Messages
542 (0.23/day)

freeagent

Moderator
Staff member
Joined
Sep 16, 2018
Messages
8,854 (3.87/day)
Location
Winnipeg, Canada
Processor AMD R7 5800X3D
Motherboard Asus Crosshair VIII Dark Hero
Cooling Thermalright Frozen Edge 360, 3x TL-B12 V2, 2x TL-B12 V1
Memory 2x8 G.Skill Trident Z Royal 3200C14, 2x8GB G.Skill Trident Z Black and White 3200 C14
Video Card(s) Zotac 4070 Ti Trinity OC
Storage WD SN850 1TB, SN850X 2TB, SN770 1TB
Display(s) LG 50UP7100
Case Fractal Torrent Compact
Audio Device(s) JBL Bar 700
Power Supply Seasonic Vertex GX-1000, Monster HDP1800
Mouse Logitech G502 Hero
Keyboard Logitech G213
VR HMD Oculus 3
Software Yes
Benchmark Scores Yes
Joined
Jan 14, 2019
Messages
12,571 (5.80/day)
Location
Midlands, UK
System Name Nebulon B
Processor AMD Ryzen 7 7800X3D
Motherboard MSi PRO B650M-A WiFi
Cooling be quiet! Dark Rock 4
Memory 2x 24 GB Corsair Vengeance DDR5-4800
Video Card(s) AMD Radeon RX 6750 XT 12 GB
Storage 2 TB Corsair MP600 GS, 2 TB Corsair MP600 R2
Display(s) Dell S3422DWG, 7" Waveshare touchscreen
Case Kolink Citadel Mesh black
Audio Device(s) Logitech Z333 2.1 speakers, AKG Y50 headphones
Power Supply Seasonic Prime GX-750
Mouse Logitech MX Master 2S
Keyboard Logitech G413 SE
Software Bazzite (Fedora Linux) KDE
These level of attacks are like those early point and click adventure games



You have to take the dog for a walk, find a stick, throw the stick, have the dog get stung by a bee so the dog runs into a lady with an umbrella who throws the umbrella that gets caught in a gust of wind and flies off to impale a pigeon flying nearby that lands on a mans lap, so he throws his briefcase right as he unlocked it and it goes past your eyes so you can get a glimpse of the contents in the reflection of the poop from the pigeon on your shoe.

Or like with ChatGPT where it wouldnt tell you certain forbidden things, but you could ask it to tell you a story about it while pretending to be your grandmother telling a bedtime story and it bypassed the security check - sometimes you just can't predict these things in advance and fixing them could break a thousand other things, or create even worse vulnerabilities.



So many of these attacks tie into SMT/hyperthreading, makes me wonder if that'll die off with E/C cores now.
It makes me wonder if these vulnerabilities really deserve the attention they get. I mean, sure, someone could potentially hack your PC doing the point-and-click steps you described, but why would they?

These news are way more important for businesses than for us, imo.
 
Joined
Apr 12, 2013
Messages
7,563 (1.77/day)
There are probably a lot more vulnerabilities which aren't going to be reported, some baked in by you know who! Patching them would probably be just as easy (or hard) as Smeltdown but they won't get the press we need mostly because of vested interests. Yeah looking at you NSA o_O
 
Joined
Jul 5, 2013
Messages
28,257 (6.75/day)
They could bigly reduce such "unforeseen consequences" with proper QA. ;)
I presume you're being silly.

How does one get the microcode update?
Don't worry about it. I've been studying this. It's another one of those "It's possible but so difficult to pull off in the wild that the common user will never encounter it" kinds of things. Businesses and Corps need to worry about this. The general populace does not.

And before anyone says it, there will not be any JS based exploits one can load in a browser page. It's detailed in the description;
"Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
Admin/Root access is required in addition to local(direct physical) access to the system in question. Remote exploitation is not possible without direct user action and interaction.

There are probably a lot more vulnerabilities which aren't going to be reported, some baked in by you know who! Patching them would probably be just as easy (or hard) as Smeltdown but they won't get the press we need mostly because of vested interests. Yeah looking at you NSA o_O
Oh please with that tin-hat nonsense...
 
Last edited:
Joined
Aug 11, 2015
Messages
80 (0.02/day)
Don't worry about it. I've been studying this. It's another one of those "It's possible but so difficult to pull off in the wild that the common user will never encounter it" kinds of things.
what you mean with that? everyone will get the mitigation microcode updates over time, forced by Windows and Linux updates. so you should not worry about your Pc becoming super slow? im not worried about security, im worried only about performance.
 
Joined
Jul 5, 2013
Messages
28,257 (6.75/day)
what you mean with that? everyone will get the mitigation microcode updates over time, forced by Windows and Linux updates. so you should not worry about your Pc becoming super slow? im not worried about security, im worried only about performance.
No. What I'm saying is that that like all the other "patches", you can quite safely skip it, block it, remove it, whatever and not actually effect the safety and security of your PC.

Put another way, this is very nearly nothing-sauce. The user does NOT need to worry about it.
 
Last edited:
Joined
Nov 18, 2010
Messages
7,595 (1.48/day)
Location
Rīga, Latvia
System Name HELLSTAR
Processor AMD RYZEN 9 5950X
Motherboard ASUS Strix X570-E
Cooling 2x 360 + 280 rads. 3x Gentle Typhoons, 3x Phanteks T30, 2x TT T140 . EK-Quantum Momentum Monoblock.
Memory 4x8GB G.SKILL Trident Z RGB F4-4133C19D-16GTZR 14-16-12-30-44
Video Card(s) Sapphire Pulse RX 7900XTX. Water block. Crossflashed.
Storage Optane 900P[Fedora] + WD BLACK SN850X 4TB + 750 EVO 500GB + 1TB 980PRO+SN560 1TB(W11)
Display(s) Philips PHL BDM3270 + Acer XV242Y
Case Lian Li O11 Dynamic EVO
Audio Device(s) SMSL RAW-MDA1 DAC
Power Supply Fractal Design Newton R3 1000W
Mouse Razer Basilisk
Keyboard Razer BlackWidow V3 - Yellow Switch
Software FEDORA 41
what you mean with that? everyone will get the mitigation microcode updates over time, forced by Windows and Linux updates. so you should not worry about your Pc becoming super slow? im not worried about security, im worried only about performance.

You cannot disable them all in windows, it is baked in kernel. You will not have a choice.

Don't care use linux. Add in grub mitigations=off and run it like in 2010.
 
Joined
Aug 11, 2015
Messages
80 (0.02/day)
Yes, you can.
The mCode will be included in the next AGESA / Intel bios update, ERGO are you forced to install it if you want the next updates too, as simple as that. You cant block mCode updates under Windows easily, you need to delete dll files in system folder which is just BAD BAD BAD, and Windows will replace them next boot. The registry mitigation toggle are not for every mitigations, just most of them, and also you dont know YET if the mitigations for Downfall and Inceptions also will get a toggle under Windows like Spectre and Meltdown.
 
Joined
Jan 14, 2019
Messages
12,571 (5.80/day)
Location
Midlands, UK
System Name Nebulon B
Processor AMD Ryzen 7 7800X3D
Motherboard MSi PRO B650M-A WiFi
Cooling be quiet! Dark Rock 4
Memory 2x 24 GB Corsair Vengeance DDR5-4800
Video Card(s) AMD Radeon RX 6750 XT 12 GB
Storage 2 TB Corsair MP600 GS, 2 TB Corsair MP600 R2
Display(s) Dell S3422DWG, 7" Waveshare touchscreen
Case Kolink Citadel Mesh black
Audio Device(s) Logitech Z333 2.1 speakers, AKG Y50 headphones
Power Supply Seasonic Prime GX-750
Mouse Logitech MX Master 2S
Keyboard Logitech G413 SE
Software Bazzite (Fedora Linux) KDE
The mCode will be included in the next AGESA / Intel bios update, ERGO are you forced to install it if you want the next updates too, as simple as that. You cant block mCode updates under Windows easily, you need to delete dll files in system folder which is just BAD BAD BAD, and Windows will replace them next boot. The registry mitigation toggle are not for every mitigations, just most of them, and also you dont know YET if the mitigations for Downfall and Inceptions also will get a toggle under Windows like Spectre and Meltdown.
That begs the question: do you really need the next BIOS update?
 
Joined
Jun 29, 2018
Messages
542 (0.23/day)
And before anyone says it, there will not be any JS based exploits one can load in a browser page. It's detailed in the description;
"Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access."
Please don't spread disinformation. In CVSS v3 and newer Attack Vector: Local does not mean what you think it means.

From the CVSS v3.1 specification:
Local (L)The vulnerable component is not bound to the network stack and the attacker’s path is via read/write/execute capabilities. Either:
  • the attacker exploits the vulnerability by accessing the target system locally (e.g., keyboard, console), or remotely (e.g., SSH); or
  • the attacker relies on User Interaction by another person to perform actions required to exploit the vulnerability (e.g., using social engineering techniques to trick a legitimate user into opening a malicious document)

This means that making a user visit a compromised website is also considered "local". So potentially this vulnerability could be exploited "remotely" via a web browser.

Admin/Root access is required in addition to local(direct physical) access to the system in question. Remote exploitation is not possible without direct user action and interaction.
That's not true. In CVSS v3 and never direct physical requirement is denoted by AV: P - Physical.
Please read the actual paper as well. It clearly states that the exploit works from non-admin accounts:
Discovered vulnerability The observed data leak confirms a critical vulnerability that is exploitable from user space.
 
Joined
Jul 5, 2013
Messages
28,257 (6.75/day)
That begs the question: do you really need the next BIOS update?
There's an old saying, if not broken, don't fix it...


These level of attacks are like those early point and click adventure games.

You have to take the dog for a walk, find a stick, throw the stick, have the dog get stung by a bee so the dog runs into a lady with an umbrella who throws the umbrella that gets caught in a gust of wind and flies off to impale a pigeon flying nearby that lands on a mans lap, so he throws his briefcase right as he unlocked it and it goes past your eyes so you can get a glimpse of the contents in the reflection of the poop from the pigeon on your shoe.
THIS!
 
Top