A.M.
1 Nickel

Is Vostro 3750 affected by processor side-channel attacks?

The title says it all.

The site

https://www.dell.com/support/article/us/en/04/sln308587/microprocessor-side-channel-vulnerabilities-...

does NOT list this laptop (Dell Vostro 3750) as of today. But it probably should.

0 Kudos
4 Replies
Moderator
Moderator

Re: Is Vostro 3750 affected by processor side-channel attacks?

A.M.

Dell releases bios updates on systems that are vulnerable. The Vostro 3750 is currently not on the list. Dell will update the information as it becomes available, including impacted products and remediation steps.


Social Media Support
#IWork4Dell
To help us troubleshoot, send us via a private message: Dell PC or Monitor Service Tag number
Out of Warranty Support
Where do I find my Dell PC Service Tag or Express service code?
Where do I post SA (SupportAssist) issue/questions?
0 Kudos
8 Krypton

Re: Is Vostro 3750 affected by processor side-channel attacks?

This was a question I was wondering over. I have kept checking the official list and the 3750 seems conspicuous by its absence.

 

0 Kudos
Moderator
Moderator

Re: Is Vostro 3750 affected by processor side-channel attacks?

Mooly01,

At this time only the ones listed in the link below are vulnerable. Unfortunately, I have no information if  or when the 3750 will be added to the list.

Microprocessor Side-Channel Vulnerabilities (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on...


Social Media Support
#IWork4Dell
To help us troubleshoot, send us via a private message: Dell PC or Monitor Service Tag number
Out of Warranty Support
Where do I find my Dell PC Service Tag or Express service code?
Where do I post SA (SupportAssist) issue/questions?
0 Kudos
Highlighted
8 Krypton

Re: Is Vostro 3750 affected by processor side-channel attacks?

I ran the PowerShell commands to test this vulnerability and as expected it appears vulnerable. Suggested action:

"Suggested actions * Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation."

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

PS C:\Windows\system32> Set-ExecutionPolicy Unrestricted -Scope Process -Force
PS C:\Windows\system32> Install-Module SpeculationControl -Force
PS C:\Windows\system32> Get-SpeculationControlSettings
Speculation control settings for CVE-2017-5715 [branch target injection]
For more information about the output below, please refer to https://support.microsoft.com/en-in/help/4074629

Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID performance optimization is enabled: False [not required for security]

Suggested actions

 * Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation.


BTIHardwarePresent             : False
BTIWindowsSupportPresent       : True
BTIWindowsSupportEnabled       : False
BTIDisabledBySystemPolicy      : False
BTIDisabledByNoHardwareSupport : True
KVAShadowRequired              : True
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : True
KVAShadowPcidEnabled           : False



PS C:\Windows\system32>

 

0 Kudos