Notification

Icon
Error

TLBleed Vulnerability

Posted: Tuesday, June 26, 2018 2:29:32 PM(UTC)
Esben.D

Esben.D

Member Administration Original PosterPosts: 1,980
1
Like
Dutch researchers found a new vulnerability in Intel processors which have Hyper-threading enabled.

The vulnerability allows the extraction of crypto keys from other programs running on the same processor by exploiting the processor's translation lookaside buffer (TLB). According to all reports, for this vulnerability to be exploited, direct access to the vulnerable system is required. Access through a direct logon or malware. There are currently no reports of this vulnerability having been exploited in the wild.

At this point, Intel has no plans to release a fix for this vulnerability. If you're interested in the full story you can find it here.

To find assets on which this vulnerability could potentially be exploited on, you can run the report below. This report displays all assets which have Intel processors with more logical cores than physical cores (indicating the presence of Hyper-Threading).

You can find a guide on how to add this report to your Lansweeper installation here.

Code:
Select Distinct Top 1000000 tsysOS.Image As icon,
  tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tblAssets.Username,
  tblAssets.Userdomain,
  tblAssets.IPAddress,
  tblAssets.Firstseen,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  tblProcessor.NumberOfCores,
  tblProcessor.NumberOfLogicalProcessors,
  Case
    When tblProcessor.NumberOfCores < tblProcessor.NumberOfLogicalProcessors
    Then 'hyperthreading enabled'
    Else 'hyperthreading disabled'
  End As HyperthreadingCheck
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysOS On tsysOS.OScode = tblAssets.OScode
  Inner Join tblProcessor On tblAssets.AssetID = tblProcessor.AssetID
Where Case
    When tblProcessor.NumberOfCores < tblProcessor.NumberOfLogicalProcessors
    Then 'hyperthreading enabled'
    Else 'hyperthreading disabled'
  End Like '%enabled%' And tblAssetCustom.State = 1 And
  tblProcessor.Manufacturer Like '%Intel%'
Order By tblAssets.Domain,
  tblAssets.AssetName

Active Discussions

Lansweeper SNMPv3 global credentials ?
by  JeremySG   Go to last post Go to first unread
Last post: Today at 9:01:16 AM(UTC)
Lansweeper Help Desk not disabling for regular users?
by  Hagobian  
Go to last post Go to first unread
Last post: Yesterday at 11:20:17 PM(UTC)
Lansweeper Wake on Lan wol.exe issue
by  Socal_s197   Go to last post Go to first unread
Last post: Yesterday at 10:08:02 PM(UTC)
Lansweeper Changing DNS Servers via CMD or PowerShell
by  TheITGuy  
Go to last post Go to first unread
Last post: Yesterday at 8:46:06 PM(UTC)
Lansweeper Scanning IP Range Subnet
by  TheITGuy   Go to last post Go to first unread
Last post: Yesterday at 8:42:04 PM(UTC)
Lansweeper Access LS Knowledge base from outside network
by  TheITGuy  
Go to last post Go to first unread
Last post: Yesterday at 8:36:55 PM(UTC)
Lansweeper Problems with deploying PowerShell script
by  TheITGuy   Go to last post Go to first unread
Last post: Yesterday at 8:29:45 PM(UTC)
Lansweeper Swap asset details between 2 computers?
by  Mindspiked  
Go to last post Go to first unread
Last post: Yesterday at 7:47:03 PM(UTC)