According to a report here, Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw. This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine. Administrators of multi-user systems are strongly advised to take action to disable Hyper-Threading immediately; single-user systems (i.e., desktop computers) are not affected.
The flaw originally discovered in October 2004 has now been fully disclosed including proof of concept exploit code. The following vendors have responded:
According to FreeBSD the flaw is fixed in advisory FreeBSD-SA-05:09.htt.
According to NetBSD the flaw will be fixed in advisory NetBSD-SA2005-001
OpenBSD is advising users to disable HT in BIOS as OpenBSD does not officially support HT
According to SCO the flaw is fixed in advisory SCOSA-2005.24
Intel have commented about the advisory but so far there has been no response from Microsoft.
View: Hyper-Threading Considered Harmful
The flaw originally discovered in October 2004 has now been fully disclosed including proof of concept exploit code. The following vendors have responded:
Intel have commented about the advisory but so far there has been no response from Microsoft.
View: Hyper-Threading Considered Harmful
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.