Foreshadow: What is it and how can I protect it?


Foreshadow: Specter and Meltdown security holes continue to haunt microprocessor makers Intel and AMD. After the initial revelations, Intel expressed the hope that the security gaps would remain idle.Foreshadow

Unfortunately this was not the case, as immediately after the discovery of Specter and Meltdown, new gaps in processor security are being discovered. Foreshadow is one of the most recent security blanks discovered and will be discussed below in more detail.

What makes Foreshadow vulnerability?

The Foreshadow is also a L1 Terminal Fault (L1TF). This is the latest vulnerability discovered in Intel Core processors. The public announcement by Foreshadow reports three vulnerabilities that affect Intel processors.

Η πρώτη αφορά τις επεκτάσεις ασφαλείας της Intel (SGX), ένα χαρακτηριστικό που διαθέτουν τα chips 7ης γενιάς της Intel. Το ειρωνικό της υπόθεσης είναι ότι τα συγκεκριμένα chips είχαν σχεδιαστεί για επιπλέον προστασία του κώδικα από μη εξουσιοδοτημένες τροποποιήσεις.

The two other vulnerabilities affect virtually all other Intel CPUs.

See demo of an attack:

Foreshadow is the result of an independent cooperative security research for two different groups: KU Leuven's imec-DistriNet and a large group consisting of the University of Michigan, the University of Adelaide and the CSIRO Data61.

"What our attack is doing is using techniques that are similar to the Meltdown attacks six months ago," said Professor Thomas Wenisch of the University of Michigan.

"But we found that we can specifically target a lock box on Intel processors. With this we can leak any data we want. "

In a nutshell: The Foreshadow security blank allows access to information stored in the computer memory. Intel's technical manuals indicate that memory areas can be labeled as off-limits, but the opposite is the case. By adding malicious code to a machine, a virtual machine, or a Cloud server, attackers can access areas of memory that they should not normally have because they contain very sensitive data.

The three vulnerabilities of Foreshadow have been recorded with different CVE codes:
CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646.

The CVE description page of Intel reports a complete list of platforms that may be affected by Foreshadow vulnerabilities.
Check the list for your CPU model.

Is my computer running out of Foreshadow?

Make sure your system is up to date. The research teams that discovered Foreshadow revealed all details to Intel since January. So Intel had enough time to develop and release patches.

Επιπλέον, οι ερευνητές και η Intel αναφέρουν ότι τέτοιες επιθέσεις είναι εξαιρετικά σπάνιες. Η τεχνογνωσία και το κόστος που απαιτείται για την πραγματοποίηση αυτής της επίθεσης την καθιστούν σχεδόν αδύνατη για επιτιθέμενους της σειράς. Οι τεχνικές ηλεκτρονικού “ψαρέματος” είναι πολύ πιο εύχρηστες και σχεδόν κόστος για την κοινότητα των hackers.

For more technical details see the vulnerability page.

_______________________________

 


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news