Oops! It appears that you have disabled your Javascript. In order for you to see this page as it is meant to appear, we ask that you please re-enable your Javascript!

CIS Hosting

CALL NOW!(ID:182259)
+44-20-3695-1294
HomeBlogIntel reveals more major chip security flaws

Intel reveals more major chip security flaws

Intel is facing a fresh security headache following the news that its hardware is being hit by a major new vulnerability.

The Foreshadow flaw had been identified by security researchers who say that all Intel hardware released after 2015 could be affected, with cloud computing systems and virtual machines also affected for the first time.

The vulnerability could allow third parties or hackers to access personal information on an Intel-powered device, with many of the company's top-end Core and Xeon processors among the products affected.

Intel has posted a full list of affected hardware on its website, but says that it was "not aware" of the flaw being utilised in real-world exploits at this time.

Foreshadow security flaw

Foreshadow was uncovered in joint research by researchers at KU Leuven university in Belgium and the universities of Michigan and Adelaide. The team notified Intel of the attack back in January, but is separate from that seen in the work on the Spectre and Meltdown attacks uncovered in the same month.

The attack is different from Meltdown as it targets virtual machines as well as the data stored on a device (which was the method of the earlier attack)

The team notes that Foreshadow is also resistant to the systems used to block Meltdown, and also can get around protection set up to stop the Spectre attacks. 

Users will also most likely not be able to detect if they have been affected by the new attack, as Foreshadow does not leave traces. 

Intel has already released a patch that it says will stop the issue, and states that future processors will be tweaked in order to not be affected by Foreshadow. 

Individual VM and cloud providers will need to produce their own workarounds, however, with the likes of AWS, Google and Microsoft Azure confirming they have already done so.

TechRadar: latest computing news

Tags: , , , , , ,

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>