Notebookcheck
, , , , , ,
search relation.
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
 

Another month, another Intel chipset malware vulnerability

More vulnerabilities have been uncovered in Intel's silicon. (Image: Intel)
More vulnerabilities have been uncovered in Intel's silicon. (Image: Intel)
Intel has undoubtedly had more than its fair share of chipset security issues over the past couple of years. However, the end to the company’s security woes doesn’t yet seem to be in sight after yet another vulnerability has been discovered, this time deep in its silicon’s built-in security measures.
Sanjiv Sathiah,
, , , , , ,
search relation.
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
 

It seems that rarely a few weeks passes between news of another Intel chipset security vulnerability is uncovered. Ironically, the latest security hole has been discovered in one of Intel’s chipset security measures known as its Software Guard Extension (SGX). According to Intel, SGX “is a set of security instructions that increases the security of application code and data, giving them more protection from disclosure or modification.”

Ars Technica reports that two separate academic teams have identified two discrete exploits that can give hackers access to what is ostensibly the most secure enclaves or blocks of security memory within Intel’s silicon. SGX works by encrypting data from the CPU that is then written to the system RAM. On return to the CPU it is decrypted and the SGX system is designed to protect the code or data from this potential vulnerability. The latest SGX attacks known as SGAxe and CrossTalk bypass SGX using very sophisticated methodology but are the very sort of attacks that the system is expected to stop.

Although there is no evidence the hacks have been exploited Intel is nonetheless scrambling to develop a fix for both potential attacks and is planning on issuing an update for OEMs soon. Intel is quick to point out that there is already code mitigation released for a component of the SGAxe attack, but it will still move to patch the attack completely. In the meantime, Intel has published a list of processors that are vulnerable to the last attacks on its silicon which covers everything from Skylake to Amber Lake Y.

Source(s)

static version load dynamic
Loading Comments
Comment on this article
, , , , , ,
search relation.
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
 
Sanjiv Sathiah
Sanjiv Sathiah - Senior Tech Writer - 1254 articles published on Notebookcheck since 2017
I have been writing about consumer technology over the past ten years, previously with the former MacNN and Electronista, and now Notebookcheck since 2017. My first computer was an Apple ][c and this sparked a passion for Apple, but also technology in general. In the past decade, I’ve become increasingly platform agnostic and love to get my hands on and explore as much technology as I can get my hand on. Whether it is Windows, Mac, iOS, Android, Linux, Nintendo, Xbox, or PlayStation, each has plenty to offer and has given me great joy exploring them all. I was drawn to writing about tech because I love learning about the latest devices and also sharing whatever insights my experience can bring to the site and its readership.
contact me via: @t3mporarybl1p
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2020 06 > Another month, another Intel chipset malware vulnerability
Sanjiv Sathiah, 2020-06-10 (Update: 2020-06-10)