Foreshadow: Specter and Meltdown security holes continue to haunt microprocessor makers Intel and AMD. After the initial revelations, Intel expressed the hope that the security gaps would remain idle.
Unfortunately this was not the case, as immediately after the discovery of Specter and Meltdown, new gaps in processor security are being discovered. Foreshadow is one of the most recent security blanks discovered and will be discussed below in more detail.
What makes Foreshadow vulnerability?
Foreshadow is naked and like L1 Port Fault (L1TF). This is the latest vulnerability discovered in Intel Core processors. Foreshadow's public announcement lists a total of three vulnerabilities affecting Intel processors.
The first concerns Intel's security extensions (SGX), a feature featured in Intel's 7 chips. The irony of the case is that these chips have been designed to provide extra protection against unauthorized modifications.
The two other vulnerabilities affect virtually all other Intel CPUs.
See demo of an attack:
Foreshadow is the result of independent collaborative security research by two different groups: KU Leuven's imec-DistriNet and a large team consisting of the University of Michigan, the University of Adelaide and CSIRO's Data61.
"What our attack is doing is using techniques that are similar to the Meltdown attacks six months ago," said Professor Thomas Wenisch of the University of Michigan.
"But we found that we can specifically target a lock box on Intel processors. With this we can leak any data we want. "
In a nutshell: The Foreshadow security vulnerability allows access to information held in computer memory. Intel's technical manuals state that areas of memory can be marked as off-limits, but the opposite is true. By adding malicious code to a machine, a virtual machine or in a Cloud server, attackers can gain access to areas of memory that they normally shouldn't be able to because they contain very sensitive data.
The three vulnerabilities of Foreshadow have been recorded with different CVE codes:
CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646.
The CVE description page of Intel reports a complete list of platforms that may be affected by Foreshadow vulnerabilities.
Check the list for your CPU model.
Is my computer running out of Foreshadow?
Make sure your system is up to date. The research teams that discovered Foreshadow revealed all details to Intel since January. So Intel had enough time to develop and release patches.
In addition, the researchers και η Intel αναφέρουν ότι τέτοιες επιθέσεις είναι εξαιρετικά σπάνιες. Η τεχνογνωσία και το κόστος που απαιτείται για την πραγματοποίηση αυτής της επίθεσης την καθιστούν σχεδόν αδύνατη για επιτιθέμενους της σειράς. Οι τεχνικές ηλεκτρονικού “ψαρέματος” είναι πολύ πιο εύχρηστες και σχεδόν κόστος για την κοινότητα των hackers.
For more technical details see the vulnerability page.
_______________________________
- Intel 32 suits for Meltdown and Specter vulnerabilities
- Intel: 8 discovered new Specter vulnerabilities
