Notebookcheck Logo

Another month, another Intel chipset malware vulnerability

More vulnerabilities have been uncovered in Intel's silicon. (Image: Intel)
More vulnerabilities have been uncovered in Intel's silicon. (Image: Intel)
Intel has undoubtedly had more than its fair share of chipset security issues over the past couple of years. However, the end to the company’s security woes doesn’t yet seem to be in sight after yet another vulnerability has been discovered, this time deep in its silicon’s built-in security measures.
Coffee Lake Desktop Kaby Lake Laptop Security

It seems that rarely a few weeks passes between news of another Intel chipset security vulnerability is uncovered. Ironically, the latest security hole has been discovered in one of Intel’s chipset security measures known as its Software Guard Extension (SGX). According to Intel, SGX “is a set of security instructions that increases the security of application code and data, giving them more protection from disclosure or modification.”

Ars Technica reports that two separate academic teams have identified two discrete exploits that can give hackers access to what is ostensibly the most secure enclaves or blocks of security memory within Intel’s silicon. SGX works by encrypting data from the CPU that is then written to the system RAM. On return to the CPU it is decrypted and the SGX system is designed to protect the code or data from this potential vulnerability. The latest SGX attacks known as SGAxe and CrossTalk bypass SGX using very sophisticated methodology but are the very sort of attacks that the system is expected to stop.

Although there is no evidence the hacks have been exploited Intel is nonetheless scrambling to develop a fix for both potential attacks and is planning on issuing an update for OEMs soon. Intel is quick to point out that there is already code mitigation released for a component of the SGAxe attack, but it will still move to patch the attack completely. In the meantime, Intel has published a list of processors that are vulnerable to the last attacks on its silicon which covers everything from Skylake to Amber Lake Y.

Source(s)

Ars Technica

Related Articles

AMD Ryzen 7000 series architecture (Source: AMD)
AMD Ryzen 7000 CPUs are faster in Linux with Spectre V2 mitigations enabled 10/05/2022
HP Support Assistant is vulnerable to DLL hijacking
New security flaw discovered in HP Support Assistant 09/08/2022
The Joker malware can obtain SMS management information that leads to unwanted premium SMS subscription signups. (Image source: Unsplash - edited)
Joker malware discovered in multiple apps with thousands of installs on the Google Play Store 11/23/2021
The Discord CDN network is apparently being abused to send malware masquerading as images, video, or text (Image source: Discord)
Hackers are using Discord to send malware and remote-access trojans, putting millions of users at risk 10/30/2021
Routers with security vulnerabilities are the perfect gateway for malware (Image: Stephen Phillips)
Microsoft went from door to door to take malware-infected routers offline 07/20/2021
Apple software chief Craig Federighi confirmed Mac software vulnerability mid-May 2021 (Source: Wccftech)
It's official: The Mac has a security problem 05/20/2021
Researchers claim hackers could leverage the vulnerabilities to target
Intel refutes claim that newly-uncovered Spectre vulnerability variants need patching with performance-leeching fixes 05/04/2021
The fake System Upate app's on-screen presence. (Source: Zimperium)
An Android app calling itself "System Update" is unmasked as malware by a security company 03/28/2021
The first Apple M1-native running malware has been discovered. (Image source: Apple/PCRisk - edited)
Apple M1-native malware targets users of the new MacBook Pro, MacBook Air, and Mac Mini with unwanted Pirrit adware 02/18/2021
Apple introdujo sus propios chips ARM. (Fuente: YouTube)
Un ex-ingeniero de Intel dice saber por qué Apple fue a la casa para el futuro de los procesadores Mac 06/25/2020
Apple intros its own ARM chips. (Source: YouTube)
An ex-Intel engineer claims to know why Apple went in-house for the future of Mac processors 06/25/2020
Yet another Intel chip-level security flaw uncovered. (Source: Intel)
New and unfixable Intel chip flaw discovered putting PCs at risk of attack 03/07/2020
New ZombieLoad attack can exploit all Intel chips dating back to 2011
New ZombieLoad attack can exploit all Intel chips dating back to 2011 05/14/2019
Intel seems optimistic about any financial losses that could occur with all the litigations queuing up. (Source: Tech Viral)
Meltdown / Spectre CPU vulnerabilities brought Intel 32 lawsuits in 1.5 months 02/19/2018
The Chinese knew of Meltdown and Spectre much before the US Government according to The WSJ. (Source: Reddit)
Intel alerted select corporations about Meltdown/Spectre, China speculated to have known about it before the US 01/30/2018
It is rumored that an embargo on the details of the flaw are due to be lifted later this month, after patches have been issued. (Source: Intel)
Intel hardware flaw will cause a drop in performance for kernel heavy processes once fixed 01/04/2018
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2020 06 > Another month, another Intel chipset malware vulnerability
Sanjiv Sathiah, 2020-06-10 (Update: 2020-06-10)