Foreshadow: What is it and how can I protect it?

Foreshadow: Specter and Meltdown security holes continue to haunt microprocessor makers Intel and AMD. After the initial revelations, Intel expressed hope that the security holes would remain .Foreshadow

Unfortunately this was not the case, as immediately after the discovery of Specter and Meltdown, new gaps in processor security are being discovered. Foreshadow is one of the most recent security blanks discovered and will be discussed below in more detail.

What makes Foreshadow vulnerability?

Foreshadow is also known as L1 Terminal Fault (L1TF). This is the latest vulnerability discovered in Intel Core. Foreshadow's public announcement lists a total of three vulnerabilities affecting Intel processors.

The first concerns Intel Security Extensions (SGX), a feature of Intel's 7th generation chips. The irony of the case is that these chips were designed for extra of the code from unauthorized modifications.

The two other vulnerabilities affect virtually all other Intel CPUs.

See demo of an attack:

Foreshadow is the result of independent collaborative security research by two different groups: KU Leuven's imec-DistriNet and a large team consisting of the University of , the University of Adelaide and CSIRO's Data61.

"What our attack is doing is using techniques that are similar to the Meltdown attacks six months ago," said Professor Thomas Wenisch of the University of Michigan.

"But we discovered that we can specifically target a lock box on Intel processors. With this we can leak any we want."

In a nutshell: The Foreshadow security blank allows access to information stored in the computer memory. Intel's technical manuals indicate that memory areas can be labeled as off-limits, but the opposite is the case. By adding malicious code to a machine, a virtual machine, or a Cloud server, attackers can access areas of memory that they should not normally have because they contain very sensitive data.

The three vulnerabilities of Foreshadow have been recorded with different CVE codes:
CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646.

The CVE description page of Intel reports a complete list of platforms that may be affected by Foreshadow vulnerabilities.
Check the list for your CPU model.

Is my computer running out of Foreshadow?

Make sure your system is up to date. The research teams that discovered Foreshadow revealed all details to Intel since January. So Intel had enough time to develop and release patches.

In addition, researchers and Intel report that such attacks are extremely rare. The know-how and cost required to carry out this attack make it almost impossible for attackers in the series. Cycling techniques are much easier to use and almost costly for the hacker community.

For more technical details see the vulnerability page.

_______________________________

 

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).