![]() In this post, we’ll provide an overview of variant 1 and describe the steps that we’ve taken with the MSVC compiler to provide mitigation assistance. The mitigations for variant 2 and variant 3 are outside the scope of this post but are explained in Terry’s post. The following table from Terry’s blog provides the decoder ring for each of these variants: Exploited Vulnerability ![]() The security researchers that discovered these vulnerabilities identified three variants that could enable speculative execution side-channel attacks. For a more complete explanation of these vulnerabilities, please see this TechNet post on Mitigating speculative execution side channel hardware attacks. If you haven’t had a chance to read Terry’s post you should take a moment to read it before reading this one. This post is intended as a follow-up to Terry Myerson’s recent Windows System post with a focus on the assessment for MSVC. On the MSVC team, we’ve reviewed information in detail and conducted extensive tests, which showed the performance impact of the new /Qspectre switch to be negligible. Microsoft is aware of a new publicly disclosed class of vulnerabilities, called “speculative execution side-channel attacks,” that affect many operating systems and modern processors, including processors from Intel, AMD, and ARM. ![]() Second, we have provided Spectre-mitigated implementations of the Microsoft Visual C++ libraries. First, the /Qspectre switch is now supported regardless of the selected optimization level. Update 4 April 2018 With Visual Studio 2017 version 15.7 Preview 3 we have two new features to announce with regards to our Spectre mitigations. Update 20 April 2018 With Visual Studio 2017 version 15.7 Preview 4 we have added a new warning, C5045, that shows what patterns in your code would have caused a mitigation to be inserted. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |