Re: Intel Microcode updates

To: debian-security@lists.debian.org
Subject: Re: Intel Microcode updates
From: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au>
Date: Wed, 12 Jun 2019 03:05:13 +1000
Message-id: <[🔎] 08981663-1152-cbbd-7ca9-c3a5c4db846c@affinityvision.com.au>
In-reply-to: <[🔎] 20190611021914.eiq2ins57wlj3x6l@khazad-dum.debian.net>
References: <[🔎] 3261648.SxaLSeNWXX@xev> <[🔎] 20190611021914.eiq2ins57wlj3x6l@khazad-dum.debian.net>

Hi Russell,

On 11/6/19 12:19 pm, Henrique de Moraes Holschuh wrote:
> On Mon, 10 Jun 2019, Russell Coker wrote:
>> model name      : Intel(R) Core(TM)2 Quad CPU    Q9505  @ 2.83GHz

The first thing to think about with all of these problems is, are you
/really/ affected.... ie, are you at risk?

Now, if you run your own machine and you trust EVERY process on that
machine, then you should be safe.  This is extended if you have VMs on
the machine, you have to trust EVERY SINGLE process on every VM.

Exploiting the flaws needs malicious code to be running on your box.  If
you are in total control over all VMs and processes on the box, then you
should be good.

The trouble comes when you have an non-trusted process or VM or a trust
that has been broken.

If you share a machine that you are not in control of, others using that
same (physical) machine, will then you are at risk.

Of course, at any time, if there is some other vulnerability that comes
in to play and a process can run that should not be ran, then you are at
risk.

Kind Regards
AndrewM

Reply to:

Follow-Ups:
- Re: Intel Microcode updates
  - From: Holger Levsen <holger@layer-acht.org>

References:
- Intel Microcode updates
  - From: Russell Coker <russell@coker.com.au>
- Re: Intel Microcode updates
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

Prev by Date: Re: Intel Microcode updates
Next by Date: Re: Intel Microcode updates
Previous by thread: Re: Intel Microcode updates
Next by thread: Re: Intel Microcode updates
Index(es):
- Date
- Thread