Foreshadow: The Gaps security Specter and Meltdown continue to haunt microprocessor manufacturers Intel and AMD. After the initial revelations, Intel expressed the hope that the security gaps would remain idle.
Unfortunately this was not the case, as immediately after the discovery of Specter and Meltdown, new gaps in processor security are being discovered. Foreshadow is one of the most recent security blanks discovered and will be discussed below in more detail.
What makes Foreshadow vulnerability?
The Foreshadow is also a L1 Terminal Fault (L1TF). This is the latest vulnerability discovered in Intel Core processors. The public announcement by Foreshadow reports three vulnerabilities that affect Intel processors.
The first concerns Intel's security extensions (SGX), a feature featured in Intel's 7 chips. The irony of the case is that these chips have been designed to provide extra protection against unauthorized modifications.
The two other vulnerabilities affect almost all other generations of Intel CPUs.
See demo of an attack:
Foreshadow is the result of an independent cooperative security research for two different groups: KU Leuven's imec-DistriNet and a large group consisting of the University of Michigan, the University of Adelaide and the CSIRO Data61.
"What our attack is doing is using techniques that are similar to the Meltdown attacks six months ago," said Professor Thomas Wenisch of the University of Michigan.
"But we found that we can specifically target a lock box on Intel processors. With this we can leak any data we want. "
In short: The security gap Foreshadow επιτρέπει την πρόσβαση σε πληροφορίες που κρατούνται στη μνήμη του υπολογιστή. Τα τεχνικά εγχειρίδια της Intel αναφέρουν ότι οι περιοχές της μνήμης μπορούν να επισημανθούν σαν off-limits, αλλά συμβαίνει το αντίθετο. Με την προσθήκη maliciousy code on a machine, a virtual machine or a Cloud server, attackers can gain access to areas of memory that they normally shouldn't be able to because they contain very sensitive data.
The three vulnerabilities of Foreshadow have been recorded with different CVE codes:
CVE-2018-3615, CVE-2018-3620 and CVE-2018-3646.
The CVE description page of Intel reports a complete list of platforms that may be affected by Foreshadow vulnerabilities.
Check the list for your CPU model.
Is my computer running out of Foreshadow?
Make sure your system is up to date. The research teams that discovered Foreshadow revealed all details to Intel since January. So Intel had enough time to develop and release patches.
In addition, researchers and Intel report that such attacks are extremely rare. The know-how and cost required to carry out this attack make it almost impossible for attackers in the series. Cycling techniques are much easier to use and almost costly for the hacker community.
For more technical details see the vulnerability page.
_______________________________
- Intel 32 suits for Meltdown and Specter vulnerabilities
- Intel: 8 discovered new Specter vulnerabilities
