Store-to-leak forwarding also reads pre-loaded data by exploiting the efficient way in which computer processors function. “The computer assumes that I want to use the data which I have just written to the processor again right away. So it keeps it in the buffer for faster access,” explains Gruss. This functionality can also be used to determine the architecture of the computer processor and find the exact location where the operating system is running. “If I know exactly where the processor is running the operating system, then I can launch targeted attacks against flaws in the operating system.”
More Information: https://cpu.fail/store-to-leak.pdf
So the only way to fully mitigate this attack for now is to disable hyperthreading. This can be done from recovery mode.
- Restart your Mac and hold the Command key and the R key to enter macOS Recovery mode.
- Open the Terminal from the Utilities menu.
- Restart the Mac.
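After the restart, you can confirm the result from a script. The following is an added example, not part of the original post: it compares the physical and logical core counts that `sysctl` reports on macOS. The function names are hypothetical, and it assumes that `hw.logicalcpu` drops to the value of `hw.physicalcpu` once hyperthreading is off.

```shell
#!/bin/sh
# Added example: report whether hyperthreading (SMT) is active on a Mac.
# Function names are hypothetical; the sysctl keys are the macOS ones.

# Parse "name: value" lines, the format printed by
#   sysctl hw.physicalcpu hw.logicalcpu
# from stdin and print one of: smt-enabled | smt-disabled | unknown
smt_state() {
    awk -F': *' '
        { sub(/[ \t\r]+$/, "", $2) }          # tolerate trailing whitespace
        $1 == "hw.physicalcpu" { phys = $2 }
        $1 == "hw.logicalcpu"  { logi = $2 }
        END {
            # Refuse to guess when a value is missing or not a number.
            if (phys !~ /^[0-9]+$/ || logi !~ /^[0-9]+$/ || phys + 0 == 0) {
                print "unknown"
                exit
            }
            # More logical than physical CPUs means SMT siblings are online.
            # Equal counts are also what a CPU without hyperthreading
            # reports, so "smt-disabled" means "no SMT siblings active".
            if (logi + 0 > phys + 0) print "smt-enabled"
            else                     print "smt-disabled"
        }'
}

# Wrapper for inventory or compliance checks; run it on the Mac itself.
# Exit status: 0 = disabled, 1 = enabled, 2 = could not determine.
check_smt() {
    state=$(sysctl hw.physicalcpu hw.logicalcpu 2>/dev/null | smt_state)
    echo "$state"
    case $state in
        smt-disabled) return 0 ;;
        smt-enabled)  return 1 ;;
        *)            return 2 ;;
    esac
}

# Constructed sample input (a 4-core, 8-thread machine) to show the parser:
printf 'hw.physicalcpu: 4\nhw.logicalcpu: 8\n' | smt_state
```

Calling `check_smt` from a management agent gives a per-machine status that can be collected across a fleet.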
Make sure to read this post with much more detail on why and how to do this:
So if you “disable half the threads” in a Mac processor, you lose half the power. This got me thinking… do I really want to do this for all of my machines? Also, this cannot be scripted afaik.
Chrome and Firefox will be releasing updates soon (they better!) and should help.
Will you be disabling hyperthreading on your fleet?
I did get some useful feedback from people regarding forcing users to update:
A tool to help users with pre-existing devices upgrade their OS version.
A workflow for more user intuitive macOS updates. Allowing the user to defer updates to a more convenient time after updates become available, while allowing for greater assurance that security updates are being applied to IT.