Design error in Hyper-Threading causes vulnerability in FreeBSD

Secunia issued an alert about a security threat in FreeBSD that is caused by an apparent design error in Intel's Hyper-Threading technology. According to the company, malicious users are able to use one thread to monitor the execution of another thread and access potentially sensitive information in the shared memory caches that can include for example cryptographic keys used by OpenSSH or SSL-enabled applications.

Processors without Hyper-Threading or other operating systems other than FreeBSD are not affected by the exploit.

FreeBSD already has issued updated versions and patches and recommends to disable Hyper-Threading, if available. (THG)