Researchers discover troubling new security flaw in all modern Intel processors

Researchers discover troubling new security flaw in all modern Intel processors 1

Researchers from BitDefender have uncovered a concerning security vulnerability present in all modern Intel processors. If executed, the flaw could permit an adversary to access the computer’s kernel memory, which could potentially result in them gaining access to sensitive information, like passwords, tokens, and private conversations.

The flaw affects all machines using Intel processors that support the SWAPGS system call, which allows the processor to swap between the kernel mode and user mode memory rings. This feature is part of the speculative execution features present in most modern processors, which allow the CPU to predictively execute tasks in anticipation of them being required.

Troublingly, the flaw bypasses most of the hardware-level protections introduced after the Spectre and Meltdown security issues.

The latest Intel security nightmare

Speculative execution can result in improved performance for the end-user, but it also presents a tempting avenue of attack for anyone wishing to access sensitive information. It’s no surprise that most of the silicon-level attacks we’ve seen in recent years have focused on this feature, most notably Spectre, Meltdown, and Foreshadow.

The SWAPGS instruction is found in most Intel CPUs released after 2012, including those released after Ivy Bridge. On the consumer side, the flaw impacts the third generation of Intel Core processors and beyond, although Bitdefender notes that it also presents a grave threat to enterprise users, as well as those using Intel processors on servers.

In a statement, Gavin Hill, Vice President, Datacenter and Network Security Products at Bitdefender said: “Criminals with knowledge of these attacks would have the power to uncover the most vital, best-protected information of both companies and private individuals around the world, and the corresponding power to steal, blackmail, sabotage and spy.”

As with any chip-level threat, anyone using shared computing platforms are among those at the greatest risk. Those using a cloud computing provider could, for example, see an attacker exploit this vulnerability to access credentials and information within their own user space, such as private encryption keys and passwords.

BitDefender predicts that this will ultimately be used as a component within a targeted attack. Due to the inherent complexity of chip-level exploits, it doesn’t foresee a situation where it’ll be used in a mass-malware pandemic, such as when the NSA-developed exploit EternalBlue was used to spread the infamous WannaCry ransomware.

Why this matters

Intel processors sit at the heart of most modern computers. This ubiquity presents a troubling security challenge. If a security flaw is discovered at the heart of a computer, it’s extremely challenging to mitigate it.

If a fix is found (which isn’t always a given), it’s often deployed in microcode patches, which many home users may neglect or struggle to install. Furthermore, as we found with the Spectre and Meltdown flaws, any fixes might result in a dramatic deterioration in computer performance.

Fortunately, in this particular case, BitDefender has worked with Intel, as well as other stakeholders, including Microsoft and the Linux Foundation, for over a year to produce a fix that remedies the problem. The company advises users install the latest security patches from their operating system manufacturer with haste.

The company also recommends enterprise users install BitDefender Hypervisor Introspection, which provides protection against many chip-level attacks.

Still, as with any vulnerability that impacts a large swathe of the world’s computers, it’ll take a long time before all systems are protected against this exploit. We saw this trend with Heartbleed, the OpenSSL vulnerability discovered in 2014. Almost three years after its initial discovery, over 200,000 Internet-accessible machines remained unpatched – and therefore insecure.

Researchers discover troubling new security flaw in all modern Intel processors 2
About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews



bitcoin
Bitcoin (BTC) $ 44,884.00
ethereum
Ethereum (ETH) $ 3,156.68
cardano
Cardano (ADA) $ 2.27
tether
Tether (USDT) $ 1.00
binance-coin
Binance Coin (BNB) $ 383.46
xrp
XRP (XRP) $ 1.00
solana
Solana (SOL) $ 149.83
polkadot
Polkadot (DOT) $ 32.85
usd-coin
USD Coin (USDC) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.223844
USD
EUR
GBP
bitcoinBitcoin (BTC)
$ 44,884.00
ethereumEthereum (ETH)
$ 3,156.68
tetherTether (USDT)
$ 1.00
bitcoin-cashBitcoin Cash (BCH)
$ 552.13
litecoinLitecoin (LTC)
$ 164.20
bitcoinBitcoin (BTC)
38.272,45
ethereumEthereum (ETH)
2.691,69
tetherTether (USDT)
0,852697
bitcoin-cashBitcoin Cash (BCH)
470,80
litecoinLitecoin (LTC)
140,01
bitcoinBitcoin (BTC)
32,905.58
ethereumEthereum (ETH)
2,314.24
tetherTether (USDT)
0.733125
bitcoin-cashBitcoin Cash (BCH)
404.78
litecoinLitecoin (LTC)
120.38

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

Crypto Scams
Crypto Scams Still Persistent In 2021, SEC Warns About Red Flags To Watch
September 9, 2021
Poly Network
Here’s How Hackers Stole Over $600 million in the Poly Network Attack
August 12, 2021
The World’s Most Infamous Crypto Hacks and Scams
July 31, 2021
Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021
What Role Do Cryptocurrencies Play In The Era Of Ransomware Attacks?
June 9, 2021

Blockchain/Cryptocurrency Questions and Answers

Beginner’s Guide to Investing in Cryptocurrency
August 9, 2021
Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
Klaytn
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Cryptocurrencies
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021
Solana
What Is Solana (SOL) And How Does It Work?
June 26, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin44,661 0.78 % 2.76 % 7.32 %
Ethereum3,134.1 1.08 % 3.38 % 12.84 %
Cardano2.250 0.98 % 1.14 % 9.66 %
Tether0.9986 0.03 % 0.08 % 0.23 %
Binance Coin382.06 0.62 % 1.16 % 11.13 %
XRP0.9950 0.75 % 0.93 % 11.07 %
Solana148.52 0.79 % 0.88 % 6.35 %
Polkadot30.87 2.19 % 17.29 % 10.73 %
USD Coin1.000 0.39 % 0.18 % 0.00 %
Dogecoin0.2226 0.97 % 0.70 % 10.02 %

bitcoin
Bitcoin (BTC) $ 44,884.00
ethereum
Ethereum (ETH) $ 3,156.68
cardano
Cardano (ADA) $ 2.27
tether
Tether (USDT) $ 1.00
binance-coin
Binance Coin (BNB) $ 383.46
xrp
XRP (XRP) $ 1.00
solana
Solana (SOL) $ 149.83
polkadot
Polkadot (DOT) $ 32.85
usd-coin
USD Coin (USDC) $ 1.00
dogecoin
Dogecoin (DOGE) $ 0.223844