Thomas Prescher, Julian Stecklina, Jacek Galowicz

Intel LazyFP vulnerability: Exploiting lazy FPU state switching

After Meltdown and Spectre, which were publicly disclosed in January, the Spectre V3a and V4 vulnerabilities followed in May. According to the German IT news publisher Heise, the latter might be part of eight new vulnerabilities in total that are going to be disclosed in the course of the year.

Spectre V4: Store-Load Vulnerability
Jacek Galowicz, Werner Haas

After Meltdown and Spectre, more vulnerabilities in out-of-order CPUs have been uncovered that use similar attack vectors. This article is about the new variant 4 of the Spectre attack that works without misleading the branch predictor. Instead, it exploits an implementation detail of Intel's memory disambiguation technique inside the CPU's pipeline.

Windows on iSCSI - Part 3/3
Markus Partheymueller

As an important step towards automating the creation of Windows disk assets/images, we will take a closer look at the Critical Device Database (CDDB) inside the Windows registry. The goal is to make any locally installed instance bootable from iSCSI without first having to run a full installation onto an iSCSI disk.

Windows on iSCSI - Part 2/3
Markus Partheymueller

In this article, we will describe how an ordinary Windows 7 installation can be converted to boot from iSCSI. We will cover the particularities of the Windows network boot process and elaborate on how it differs from the normal boot. We then describe our solution using some registry modifications.

Windows on iSCSI - Part 1/3
Markus Partheymueller

This series of three posts is about installing Windows 7 on an iSCSI disk. In this first article, we install it using qemu and iPXE and cover some of the pitfalls and particularities of this install method, as well as the topic of duplicating the resulting disk for use in machines of the same type. Two more follow-up posts will cover details of the network boot process, leading to a method of converting an existing installation to be iSCSI-bootable.

Meltdown
Jacek Galowicz

Meltdown is an attack on the general memory data security of computers with the Intel x86 architecture. Two members of the founder team of Cyberus Technology GmbH were among the first experts to discover this vulnerability. This article describes how Meltdown works and examines the mitigations that have been patched into the most widespread operating systems while the information embargo was still intact.
