Foreshadow: The Gaps security Specter and Meltdown continue to haunt microprocessor manufacturers Intel and AMD. After the initial revelations, Intel expressed the hope that the security gaps would remain idle.
Unfortunately this was not the case, as immediately after the discovery of Specter and Meltdown, new gaps in processor security are being discovered. Foreshadow is one of the most recent security blanks discovered and will be discussed below in more detail.
What makes Foreshadow vulnerability?
The Foreshadow is also a L1 Terminal Fault (L1TF). This is the latest vulnerability discovered in Intel Core processors. The public announcement by Foreshadow reports three vulnerabilities that affect Intel processors.
The first concerns Intel's security extensions (SGX), a feature featured in Intel's 7 chips. The irony of the case is that these chips have been designed to provide extra protection against unauthorized modifications.
The two other vulnerabilities affect virtually all other Intel CPUs.
See demo of an attack:
Foreshadow is the result of independent collaborative security research by two different groups: KU Leuven's imec-DistriNet and a large team consisting of University of Michigan, the University of Adelaide and CSIRO's Data61.
"What our attack is doing is using techniques that are similar to the Meltdown attacks six months ago," said Professor Thomas Wenisch of the University of Michigan.
"But we found that we can specifically target a lock box on Intel processors. With this we can leak any data we want. "
In a nutshell: The Foreshadow security blank allows access to information stored in the computer memory. Intel's technical manuals indicate that memory areas can be labeled as off-limits, but the opposite is the case. By adding malicious code to a machine, a virtual machine, or a Cloud server, attackers can access areas of memory that they should not normally have because they contain very sensitive data.
The three vulnerabilities of Foreshadow have been recorded with different CVE codes:
CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646.
The CVE description page of Intel reports a complete list of platforms that may be affected by Foreshadow vulnerabilities.
Check the list for your CPU model.
Is my computer running out of Foreshadow?
Make sure your system is up to date. The research teams that discovered Foreshadow revealed all the details to Intel back in January. So Intel had plenty of time to develop and release patches.
In addition, researchers and Intel report that such attacks are extremely rare. The know-how and cost required to carry out this attack make it almost impossible for attackers in the series. Cycling techniques are much easier to use and almost costly for the hacker community.
For more technical details see the vulnerability page.
_______________________________
- Intel 32 suits for Meltdown and Specter vulnerabilities
- Intel: 8 discovered new Specter vulnerabilities
