Technology - Google News

Osmo Action hands-on: GoPro should be worried - The Verge

Posted: 15 May 2019 06:00 AM PDT

MDS Tool: find out if you are vulnerable to Microarchitectural Data Sampling Attacks (MDS) - Ghacks Technology News

Posted: 14 May 2019 09:22 PM PDT

MDS Tool is a free cross-platform security program for Windows and Linux devices that checks whether the system's hardware is vulnerable to Microarchitectural Data Sampling (MDS) attacks.

Intel disclosed a new group of security issues in its processors on May 14, 2019 that it calls "Microarchitectural Data Sampling". The flaws are related to speculative execution attacks such as Spectre or Meltdown discovered last year. The issue affects all modern Intel CPUs in servers, desktops, and laptops.

Rogue In-Flight Data Load (RIDL) and Fallout, two MDS attacks, differ from last year's attacks in several meaningful ways that make them potentially more powerful. The attacks don't depend on the processor cache and don't need to make assumptions about the memory layout. They leak arbitrary in-flight data from internal CPU buffers.

Attacks, when carried out successfully, read data from other system processes and could lead to the leaking of sensitive information such as passwords, credit card numbers, or cookies.

Attackers who can run unprivileged code on machines with recent Intel CPUs - whether using shared cloud computing resources, or using JavaScript on a malicious website or advertisement - can steal data from other programs running on the same machine, across any security boundary: other applications, the operating system kernel, other VMs (e.g., in the cloud), or even secure (SGX) enclaves. (via)

Microsoft released patches for some versions of Windows on yesterday's Patch Tuesday, Canonical released updates for Ubuntu yesterday as well.

MDS Tool

mds tool

MDS Tool is a comprehensive program that you may run on your system to find out if it is vulnerable to certain attacks. You can download the program from the MSD Attacks website.

It has been updated recently to integrate vulnerability checks for the disclosed MSD attacks. Just run the program after download and scroll down to the Micro-architectural Data Sampling section of the interface.

There you find whether the system you ran the software program on is vulnerable to the attacks or if it is protected.

If you have not installed patches yet that mitigate the issues, it will report as vulnerable.

Resources

Here is a list of resources that offer additional information:

Summary

Article Name

MDS Tool: find out if you are vulnerable to Microarchitectural Data Sampling Attacks (MDS)

Description

MDS Tool is a free cross-platform security program for Windows, Linux and Mac devices that checks whether the system's hardware is vulnerable to Microarchitectural Data Sampling (MDS) attacks.

Author

Martin Brinkmann

Publisher

Ghacks Technology News

Logo