Foreshadow: Specter and Meltdown security holes continue to haunt microprocessor makers Intel and AMD. After the initial revelations, Intel expressed the hope that the security gaps would remain idle.
Unfortunately this was not the case, as immediately after the discovery of Specter and Meltdown, new gaps in processor security are being discovered. Foreshadow is one of the most recent security blanks discovered and will be discussed below in more detail.
What makes Foreshadow vulnerability?
The Foreshadow is also a L1 Terminal Fault (L1TF). This is the latest vulnerability discovered in Intel Core processors. The public announcement by Foreshadow reports three vulnerabilities that affect Intel processors.
The first concerns Intel Security Extensions (SGX), one feature which have Intel's 7th generation chips. The irony of the case is that these chips were designed to further protect the code from unauthorized modifications.
The two other vulnerabilities affect virtually all other Intel CPUs.
See demo of an attack:
Foreshadow is the result of an independent cooperative security research for two different groups: KU Leuven's imec-DistriNet and a large group consisting of the University of Michigan, the University of Adelaide and the CSIRO Data61.
"What our attack is doing is using techniques that are similar to the Meltdown attacks six months ago," said Professor Thomas Wenisch of the University of Michigan.
"But we found that we can specifically target a lock box on Intel processors. With this we can leak any data we want. "
In a nutshell: The Foreshadow security loophole allows access to information held in its memory computer. Τα τεχνικά εγχειρίδια της Intel αναφέρουν ότι οι περιοχές της μνήμης μπορούν να επισημανθούν σαν off-limits, αλλά συμβαίνει το αντίθετο. Με την προσθήκη κακόβουλου κώδικα σε ένα μηχάνημα, μια virtual machine or in a Cloud server, attackers can gain access to areas of memory that they normally shouldn't be able to because they contain very sensitive data.
The three vulnerabilities of Foreshadow have been recorded with different CVE codes:
CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646.
The CVE description page of Intel reports a complete list of platforms that may be affected by Foreshadow vulnerabilities.
Check the list for your CPU model.
Is my computer running out of Foreshadow?
Make sure your system is up to date. The research teams that discovered Foreshadow revealed all details to Intel since January. So Intel had enough time to develop and release patches.
Furthermore, the researchers and Intel report that such attacks are extremely rare. The expertise and cost required to carry out this attack make it nearly impossible for serial attackers. Phishing techniques are much easier to use and almost costless to the community hackers.
For more technical details see the vulnerability page.
_______________________________
- Intel 32 suits for Meltdown and Specter vulnerabilities
- Intel: 8 discovered new Specter vulnerabilities
