Hyper-Threading Considered Harmful

According to a report here, Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw. This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine. Administrators of multi-user systems are strongly advised to take action to disable Hyper-Threading immediately; single-user systems (i.e., desktop computers) are not affected.

The flaw originally discovered in October 2004 has now been fully disclosed including proof of concept exploit code. The following vendors have responded:

  • According to FreeBSD the flaw is fixed in advisory FreeBSD-SA-05:09.htt.

  • According to NetBSD the flaw will be fixed in advisory NetBSD-SA2005-001

  • OpenBSD is advising users to disable HT in BIOS as OpenBSD does not officially support HT

  • According to SCO the flaw is fixed in advisory SCOSA-2005.24

    Intel have commented about the advisory but so far there has been no response from Microsoft.

    View: Hyper-Threading Considered Harmful

  • Report a problem with article
    Next Article

    ATI Multi VPU will need an external connector

    Previous Article

    Microsoft to Offer Corporate Desktop Search Solution