Notification

Icon
Error

TLBleed Vulnerability

Posted: Tuesday, June 26, 2018 2:29:32 PM(UTC)
Esben.D

Esben.D

Member Administration Original PosterPosts: 1,982
1
Like
Dutch researchers found a new vulnerability in Intel processors which have Hyper-threading enabled.

The vulnerability allows the extraction of crypto keys from other programs running on the same processor by exploiting the processor's translation lookaside buffer (TLB). According to all reports, for this vulnerability to be exploited, direct access to the vulnerable system is required. Access through a direct logon or malware. There are currently no reports of this vulnerability having been exploited in the wild.

At this point, Intel has no plans to release a fix for this vulnerability. If you're interested in the full story you can find it here.

To find assets on which this vulnerability could potentially be exploited on, you can run the report below. This report displays all assets which have Intel processors with more logical cores than physical cores (indicating the presence of Hyper-Threading).

You can find a guide on how to add this report to your Lansweeper installation here.

Code:
Select Distinct Top 1000000 tsysOS.Image As icon,
  tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tblAssets.Username,
  tblAssets.Userdomain,
  tblAssets.IPAddress,
  tblAssets.Firstseen,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  tblProcessor.NumberOfCores,
  tblProcessor.NumberOfLogicalProcessors,
  Case
    When tblProcessor.NumberOfCores < tblProcessor.NumberOfLogicalProcessors
    Then 'hyperthreading enabled'
    Else 'hyperthreading disabled'
  End As HyperthreadingCheck
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysOS On tsysOS.OScode = tblAssets.OScode
  Inner Join tblProcessor On tblAssets.AssetID = tblProcessor.AssetID
Where Case
    When tblProcessor.NumberOfCores < tblProcessor.NumberOfLogicalProcessors
    Then 'hyperthreading enabled'
    Else 'hyperthreading disabled'
  End Like '%enabled%' And tblAssetCustom.State = 1 And
  tblProcessor.Manufacturer Like '%Intel%'
Order By tblAssets.Domain,
  tblAssets.AssetName

Active Discussions

Lansweeper "add cc user" doesn't show the correct listings
by  JLPingree   Go to last post Go to first unread
Last post: Yesterday at 8:12:44 PM(UTC)
Lansweeper Default User Date Format
by  RickW99456  
Go to last post Go to first unread
Last post: Yesterday at 5:00:51 PM(UTC)
Lansweeper Duplicate assets (Servers)
by  FrankSc   Go to last post Go to first unread
Last post: Yesterday at 3:20:28 PM(UTC)
Lansweeper Lansweeper load the disk subsystem
by  Alexey Gorbachev  
Go to last post Go to first unread
Last post: Yesterday at 3:13:17 PM(UTC)
Lansweeper Lost Configuration tab (Admin rights)
by  kspap   Go to last post Go to first unread
Last post: Yesterday at 10:30:12 AM(UTC)
Lansweeper Deployment with different user rights
by  Jupiter_IT  
Go to last post Go to first unread
Last post: Yesterday at 9:39:20 AM(UTC)
Lansweeper cisco fuji device not linking with connected devices
by  char   Go to last post Go to first unread
Last post: 7/5/2020 9:12:07 AM(UTC)
Lansweeper Microsoft CVE-2020-1425
by  Richard_B  
Go to last post Go to first unread
Last post: 7/3/2020 4:29:41 PM(UTC)