Alex Ionescu
Welp, it turns out the patches for Windows 10 had a fatal flaw: calling NtCallEnclave returned back to user space with the full kernel page table directory, completely undermining the mitigation. This is now patched on RS4 but not earlier builds -- no backport??
decoded May 2
Replying to @aionescu
damn
Chernobyl Megatron May 2
Replying to @aionescu
This just never ends!
冰淇琳 May 2
Replying to @aionescu @magicxqq
MS now do not like to backport, in order to let people update :-(
Mauro H. L. May 2
Replying to @aionescu
Kernel is "enclaved" in user land :)
mm May 3
Replying to @aionescu
Someone should really redo analysis of performance impact of Spectre and Meltdown. Now that it's clear that previous patches were half-baked, things could really go either way.
Rando Hütt May 3
Replying to @aionescu
They haven't discovered what they did now. Until MSN Bots are under your netstat it's not really interesting OS.
Dylanger Daly May 3
Replying to @aionescu
Spaghetti.
Alex Ionescu May 3
Replying to @mmajrk
This doesn't affect the performance in any way. If anything, newer versions of the patches have made performance _gains_.
Neko Ed May 3
Replying to @aionescu @Myriachan
No backports, gotta have some way to force everyone to upgrade to the latest version.
isco.cesar232 May 7
Replying to @aionescu
so any more technical details? available??
Alex Ionescu May 8
Replying to @msftsecresponse
Incredible turnaround by to fix this issue (which only affected Fall Creators Update due to this API being introduced in 1709) in today’s Patch Tuesday. Customers on 1709 now protected just like on 1803, so not back porting was an oversight now addressed.
Martin Sundhaug May 8
Damn, that's like a week?
Alex Ionescu May 8
Yep, lightning response.
Martin Sundhaug May 8
Curious why it wasn't merged into earlier branches, stress of RTMing?
Stephen Battista May 9
Is this part of Patch Tuesday? I may have missed the correct CVE as I looked for the first Spectre vulnerability.
Alex Ionescu May 9
It’s part of it yes.
omer gull May 10
and myself actually reported this issue at the beginning of April, so it was known for at least a month...
Jan Ringoš Jun 17
Any word on LTSB?