Intel has announced a new security vulnerability in its products that may lead to the disclose of sensitive data. This is the third time, this year, that the company has confessed about weakness in their products. Intel announced that the defect in SGX technology, the Foreshadow or the L1TF, has been detected by a separate group of researchers and can be exploited by intruders or malwares to access computer data without user consent, through the computer cache.
SGX technology, or software protection extensions, were created to protect sensitive data in seventh generation core and above, and to create secure pockets within the processor that are believed to be inaccessible if BIOS, VM and OS are compromised. Intel announced that it was not aware of any reports that theses methods have been used in real world exploits, but this emphasize the need for everyone to adhere to the best safety practices.
The company issued a patch to mitigate the problem, affecting processors released from 2015 onward, and a full list of affected components was posted on the Intel site. Future treatments will be build in a way that is not affected by the appearance of Foreshadow. The company advises computer users to download any software updates available, and confirmed that individuals are unlikely to have any impact on performance after installing the updates.
“What our attack does is that it uses techniques very similar to the Meltdown attacks discovered few months ago” Said professor Thomas Wenish of the university of Michigan in a joint work by researchers from the university of Ku Leuven in Belgium and others from the university of Adelaide and Michigan. “But we found out that we could specifically target a lock box inside the Intel processors, allowing leakage of any data the attacker wants from these secure pockets.”
The Foreshadow loophole is capable of breaking the walls between virtual machines, which is a real concern for cloud companies that share their space services with other processes that are theoretically isolated. Intel is working with cloud service providers to detect L1TF based exploits while the system is running.
The news came in the wake of similar loopholes, Specter and Meltdown, which were discovered in January this year. These loopholes have affected chips operating across different hardware types, including servers, desktops, laptops, tablets, smartphones, and so on… which could potentially compromise the data within those devices, where flaws allowed hackers to misrepresent a common technology used to speed up data processing, prompting chip and software manufacturers to issue security patches.