Another month, another Intel chipset malware vulnerability
It seems that rarely more than a few weeks pass before news of another Intel chipset security vulnerability emerges. Ironically, the latest security hole has been discovered in one of Intel’s chipset security measures, known as its Software Guard Extension (SGX). According to Intel, SGX “is a set of security instructions that increases the security of application code and data, giving them more protection from disclosure or modification.”
Ars Technica reports that two separate academic teams have identified two discrete exploits that can give hackers access to what are ostensibly the most secure enclaves, or blocks of secure memory, within Intel’s silicon. SGX works by encrypting data from the CPU before it is written to the system RAM. On return to the CPU the data is decrypted, and the SGX system is designed to protect the code or data from this potential point of exposure. The latest SGX attacks, known as SGAxe and CrossTalk, bypass SGX using very sophisticated methodology, but they are the very sort of attacks that the system is expected to stop.
Although there is no evidence the hacks have been exploited, Intel is nonetheless scrambling to develop a fix for both potential attacks and is planning on issuing an update for OEMs soon. Intel is quick to point out that there is already code mitigation released for a component of the SGAxe attack, but it will still move to patch the attack completely. In the meantime, Intel has published a list of processors that are vulnerable to the latest attacks on its silicon, which covers everything from Skylake to Amber Lake Y.