Bitdefender, an innovative cybersecurity solutions provider protecting 500 million machines worldwide, has discovered a new security vulnerability that affects all modern Intel CPUs which leverage speculative-execution, potentially letting hackers access passwords, tokens, private conversations, encryption and other sensitive data of both home and enterprise users.
The vulnerability opens the way to a side-channel attack that gives the attacker a method to access all information in the operating system kernel memory.
The attack bypasses all known mitigations implemented after the discovery of Spectre and Meltdown in early 2018. Every machine using newer Intel processors which leverage speculative-execution and running Windows is affected, including servers and laptops.
“Criminals with knowledge of these attacks would have the power to uncover the most vital, best-protected information of both companies and private individuals around the world, and the corresponding power to steal, blackmail, sabotage and spy,” said Gavin Hill, Vice President, Datacenter and Network Security Products at Bitdefender.
“Research into these attacks is on the cutting edge as it gets to the very roots of how modern CPUs operate and requires a thorough understanding of CPU internals, OS internals and speculative-execution side-channel attacks in-general.”
This side-channel attack takes advantage of speculative execution, a functionality that seeks to speed-up the CPU by having it make educated guesses as to which instructions might come next. Speculative execution can leave traces in-cache which attackers leverage to leak privileged, kernel memory.
This attack combines Intel speculative execution of instructions and the use of a specific instruction by Windows operating systems within what is known as a gadget.
Bitdefender has worked with Intel for more than a year on public disclosure of this attack. It is possible that an attacker with knowledge of the vulnerability could have exploited it to steal confidential information.
Microsoft, and the other ecosystem partners have – or continue to assess – issuing patches, as appropriate.
In a statement, a spokesman for Intel said: “Intel, along with industry partners, determined the issue was better addressed at the software level and connected the researchers to Microsoft.
“It takes the ecosystem working together to collectively keep products and data more secure and this issue is being coordinated by Microsoft.”
More information about this attack is available on Bitdefender Labs, as well as in the technical whitepaper.
Click below to share this article
