A team of researchers have uncovered another cyber security flaw that impacts central processing units (CPUs) from Intel.

The flaw, called Foreshadow, is speculative execution attack on Intel processors which allows an attacker to steal sensitive information stored inside personal computers or third party clouds.

The new vulnerability comes hot on the heels of the discovery of the Meltdown and Spectre flaws in early January. Matters were not helped when Intel botched the initial fix for the problem, and dismissed warnings that the fixes would impact the processor performance.

Intel unveils the 8th Gen Intel Core processor family and launches the first of the family on Monday, Aug. 21, 2017. The 8th Gen Intel Core processors are designed for what’s next and deliver up to 40% gen over gen performance boost. (Credit: Intel Corporation)

Foreshadow flaw

Intel later admitted that a hardware change in chips shipping this year would replace the performance-draining software patches.

But now a group of researchers from five academic institutions discovered that the most secure area of Intel chips is not as secure as it should be.

This secure area is called the Software Guard Extensions feature (SGX). Essentially, this allows programs to create secure enclaves on Intel processors. This is a region on the Intel processor that can be sectioned off to run code that the computer’s operating system can’t access or change. Basically it is safe haven for sensitive data or code that is supposed to be secure, even if the computer or server itself is compromised by malware.

But the researchers warn that the Foreshadow flaw has two versions.

“The original attack designed to extract data from SGX enclaves and a Next-Generation version which affects Virtual Machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory,” said the researchers.

A video of the flaw can be found here.

The researchers, when they discovered the flaw, alerted Intel in early January. Intel then identified two closely related variants, potentially affecting additional microprocessors, SMM code, Operating system and Hypervisor software.

And Intel admits the flaw is very serious, as the Foreshadow bugs can allow malicious applications “to infer the values of data in the operating system memory, or data from other applications.”

Intel also said a malicious guest virtual machine (VM) may be able to infer the values of data in the VMM’s memory, or values of data in the memory of other guest VMs; malicious software running outside of SMM may be able to infer values of data in SMM memory; and finally malicious software running outside of an Intel SGX enclave or within an enclave may be able to infer data from within another Intel SGX enclave.

Intel has released new microcode for many of the processors affected and patched are included in Microsoft’s latest Patch Tuesday security update.

Cloud warning

One expert highlighted the threat this type of flaw poses to cloud service providers.

“Cloud providers of virtual servers are more susceptible than on-premises networks in this instance because that’s the most likely place you’d have one physical server housing dozens of virtual machines run by different companies,” explained Ken Spinner, VP of field engineering at Varonis.

“If the vulnerability could be successfully exploited, attackers could hit the jackpot,” said Spinner. “However, a data centre could hold literally hundreds of thousands of servers and potentially millions of VMs. Hackers would be conducting an unfocused attack, rather than focusing on exploiting a target organisation. It would be a shot in the dark.”

“These vulnerabilities are the latest in a long line of exploits,” he concluded. “While the approaches change, the goal often stays the same – to grab your company’s data. To complicate matters, most companies are dealing with hybrid data stores with some of their data on-premises and some in the cloud, which creates challenges and potential risk from a security and data governance standpoint. Never assume your data is safe in the cloud.”

Do you know all about Intel? Take our quiz.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago