Foreshadow Intel
  • With Meltdown and Spectre making all the news last year, Intel is facing yet more security flaws in their chipsets.
  • A new ‘Foreshadow’ flaw has been discovered by security researchers which affect Intel hardware released after 2015.
  • Cloud computing systems and virtual systems are also vulnerable to the new security flaw.

Security flaws and Intel are becoming synonymous with yet another hardware vulnerability making the rounds. Joint research by KU Leuven University (Belgium), University of Michigan and University of Adelaide have revealed a new chipset vulnerability which is being touted as the new Foreshadow vulnerability.

Intel has already released a patch for the Foreshadow vulnerabilities and future processors will be modified to prevent security issues. Virtual machine and cloud providers will need to individually patch their systems and major cloud service providers like Google, Amazon Web Services, and Microsoft Azure have already deployed patches.

There are two major kinds of attacks possible with the new vulnerability. The first method allows attackers to read any information located in the L1 cache including system information and OS kernel data. A more robust attack involves bypassing security checks that may be in place to prevent execution attacks similar to Meltdown and Spectre. The Foreshadow vulnerability allows attackers just a single compromised SGX machine to hack an entire SGX ecosystem.

The vulnerability was disclosed to Intel in January and for the first time, cloud computing systems and virtual systems can also be affected. All Intel chipsets released after 2015 can be affected along with the top-end Core and Xeon server chipsets. The manufacturer has released a list of affected chipsets and revealed that no exploits are using the flaw at this time.

The attack is different from the Meltdown vulnerability as it attacks virtual machines and the data stored in devices. Patches that were deployed to stop Meltdown and Spectre are said to be ineffective against Foreshadow. There are no detection tools capable of identifying the vulnerability as of now.

Cryptography expert and Chief Scientist Yehuda Lindell of Unbound Tech, responded to us via email stating,”Foreshadow attack as another in a long string of never-ending hardware-related security vulnerabilities. I feel that organizations in need of security shouldn’t depend on TEE’s or any other non-isolated hardware for root-of-trust components. Also, there are inherent limits to the security a TEE can provide when they run on the same CPU as malware.”

What do you think about the new Foreshadow vulnerability? Let us know in the comments below. Also, to get instant tech updates, follow TechNadu’s Facebook page, and Twitter handle.