Intel processors have been hit by another CPU security vulnerability dubbed as Foreshadow, which allows the attacker to steal sensitive information inside personal computers or third party clouds.

Foreshadow, also called by Intel as L1 Terminal Fault or L1TF, attacks Intel's Security Guard Extensions (SGX) within its Core chips through speculative execution. According to researchers who discovered it, Foreshadow capitalizes on the vulnerability of SGX enclaves and extracts any data protected via SGX secure memory.

According to Intel, the researchers who reported about the existence of Foreshadow came from imec-DistriNet, KU Leuven, Technion-Israel Institute of Technology, University of Michigan, University of Adelaide, and Data61.

This was the third time that the vulnerability of Intel processors was revealed. Initially, the flaws of Intel chips were revealed by attacks dubbed as Meltdown and Spectre, which also both use speculative execution.

How Foreshadow Affects Computers?

According to Intel, Foreshadow can exploit the CPU in three different ways. First, it affects Intel's SGX, which is designed to allow applications running on a computer to put the user's most sensitive data inside a virtual fortress or enclave.

Supposedly, data inside each enclave should be protected from alteration or access from outside programs such as malware. However, the enclave can be penetrated via a process called "speculative execution." Foreshadow can also attack the System Management Mode (SMM) memory, Virtual Machines (VMs) and hypervisors (VMM). While Intel considers the flaw serious, the company said it is not aware of any real-world attacks using the said method.

However, Intel admitted the flaw could be used to retrieve data in the operating system memory through malicious applications. Also, a malicious guest virtual machine may infer data in the VM's memory. In addition, malicious software running outside of SMM may infer data in the SMM memory from within another Intel SGX enclave.

Intel Taking Steps To Mitigate Attacks

The researchers who looked into the Foreshadow's effects strongly urge users to update their systems to mitigate these attacks. Also, they said users must follow mitigation guidelines published by Intel.

Intel is also continuously working with operating system vendors, equipment manufacturers, and other ecosystem partners to develop platform firmware and software updates that can help protect systems from these attacks.

Intel added that it has released an updated version of its microprocessor microcode to customers and partners to protect them from possible attacks. However, this must be coupled with corresponding updates to operating system and hypervisor software available from industry partners.

The updates will ensure that consumers, IT professionals, and cloud service providers have access to the protections they need, according to Intel.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion