The Hacker News Logo
Subscribe to Newsletter

The Hacker News — Latest Cyber Security, Hacking & Tech News: intel chipset

SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs

SWAPGS Attack — New Speculative Execution Flaw Affects All Modern Intel CPUs

August 06, 2019Mohit Kumar
A new variant of the Spectre (Variant 1)  side-channel vulnerability has been discovered that affects all  modern Intel CPUs , and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned. Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the operating system privileged kernel memory, including passwords, tokens, and encryption keys, that would otherwise be inaccessible. Speculative execution is a core component of modern microprocessor design that speculatively executes instructions based on assumptions that are considered likely to be true. If the assumptions come out to be valid, the execution continues, otherwise discarded. Such speculative executions also have side effects that are not restored when the CPU state is unwound, leading to information disclosure, which can then be accessed using side-channel attacks . Microsof
New Class of CPU Flaws Affect Almost Every Intel Processor Since 2011

New Class of CPU Flaws Affect Almost Every Intel Processor Since 2011

May 14, 2019Swati Khandelwal
Academic researchers today disclosed details of the newest class of speculative execution side-channel vulnerabilities in Intel processors that impacts all modern chips, including the chips used in Apple devices. After the discovery of Spectre and Meltdown processor vulnerabilities earlier last year that put practically every computer in the world at risk, different classes of Spectre and Meltdown variations surfaced again and again. Now, a team of security researchers from multiple universities and security firms has discovered different but more dangerous speculative execution side-channel vulnerabilities in Intel CPUs. The newly discovered flaws could allow attackers to directly steal user-level, as well as system-level secrets from CPU buffers, including user keys, passwords, and disk encryption keys. Speculative execution is a core component of modern processors design that speculatively executes instructions based on assumptions that are considered likely to be true.
Researchers Implant "Protected" Malware On Intel SGX Enclaves

Researchers Implant "Protected" Malware On Intel SGX Enclaves

February 13, 2019Swati Khandelwal
Cybersecurity researchers have discovered a way to hide malicious code in Intel SGX enclaves, a hardware-based memory encryption feature in modern processors that isolates sensitive code and data to protect it from disclosure or modification. In other words, the technique allows attackers to implant malware code in a secure memory that uses protection features of SGX which are otherwise designed to protect important data from prying eyes or from being tampered, even on a compromised system. Introduced with Intel's Skylake processors, SGX (Software Guard Extensions) allows developers to run selected application modules in a completely isolated secure region of memory, called enclaves, which are designed to be protected from processes running at higher privilege levels like the operating system, kernel, BIOS, SMM, hypervisor, etc. However, a team of researchers, some of whom were behind the discovery of the Spectre-Meltdown CPU flaws , managed to bypass this protection and g
New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

November 04, 2018Swati Khandelwal
A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff out sensitive protected data, like passwords and cryptographic keys, from other processes running in the same CPU core with simultaneous multi-threading feature enabled. The vulnerability, codenamed PortSmash (CVE-2018-5407), has joined the list of other dangerous side-channel vulnerabilities discovered in the past year, including Meltdown and Spectre , TLBleed , and Foreshadow . Discovered by a team of security researchers from the Tampere University of Technology in Finland and Technical University of Havana, Cuba, the new side-channel vulnerability resides in Intel's Hyper-Threading technology, the company's implementation of Simultaneous MultiThreading (SMT). Simultaneous MultiThreading is a performance feature that works by splitting up each physical core of a processor into virtual cores, known as threads, allowing each core to
Foreshadow Attacks — 3 New Intel CPU Side-Channel Flaws Discovered

Foreshadow Attacks — 3 New Intel CPU Side-Channel Flaws Discovered

August 15, 2018Swati Khandelwal
2018 has been quite a tough year for Intel. While the chip-maker giant is still dealing with Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks. Dubbed Foreshadow , alternatively called L1 Terminal Fault or L1TF, the new attacks include three new speculative execution side-channel vulnerabilities affecting Intel processors. The Foreshadow attacks could allow a hacker or malicious application to gain access to the sensitive data stored in a computer's memory or third-party clouds, including files, encryption keys, pictures, or passwords. The three Foreshadow vulnerabilities have been categorized into two variants: 1.) Foreshadow Foreshadow ( PDF ) targets a new technology originally been designed to protect select code and users' data from disclosure or modification, even if the entire system falls under a
Two New Spectre-Class CPU Flaws Discovered—Intel Pays $100K Bounty

Two New Spectre-Class CPU Flaws Discovered—Intel Pays $100K Bounty

July 11, 2018Mohit Kumar
Intel has paid out a $100,000 bug bounty for new processor vulnerabilities that are related to Spectre variant one ( CVE-2017-5753 ). The new Spectre-class variants are tracked as Spectre 1.1 (CVE-2018-3693) and Spectre 1.2, of which Spectre 1.1 described as a bounds-check bypass store attack has been considered as more dangerous. Earlier this year, Google Project Zero researchers disclosed details of Variants 1 and 2 (CVE-2017-5753 and CVE-2017-5715), known as Spectre, and Variant 3 (CVE-2017-5754), known as Meltdown. Spectre flaws take advantage of speculative execution, an optimization technique used by modern CPUs, to potentially expose sensitive data through a side channel by observing the system. Speculative execution is a core component of modern processors design that speculatively executes instructions based on assumptions that are considered likely to be true. If the assumptions come out to be valid, the execution continues, otherwise discarded. New Spectre-Cla
OpenBSD Disables Intel Hyper-Threading to Prevent Spectre-Class Attacks

OpenBSD Disables Intel Hyper-Threading to Prevent Spectre-Class Attacks

June 20, 2018Swati Khandelwal
Security-oriented BSD operating system OpenBSD has decided to disable support for Intel's hyper-threading performance-boosting feature, citing security concerns over Spectre-style timing attacks . Introduced in 2002, Hyper-threading is Intel's implementation of Simultaneous Multi-Threading (SMT) that allows the operating system to use a virtual core for each physical core present in processors in order to improve performance. The Hyper-threading feature comes enabled on computers by default for performance boosting, but in a detailed post published Tuesday, OpenBSD maintainer Mark Kettenis said such processor implementations could lead to Spectre-style timing attacks. "SMT (Simultaneous multithreading) implementations typically share TLBs and L1 caches between threads," Kettenis wrote. "This can make cache timing attacks a lot easier, and we strongly suspect that this will make several Spectre-class bugs exploitable." In cryptography, side-channe
Microsoft's Meltdown Patch Made Windows 7 PCs More Insecure

Microsoft's Meltdown Patch Made Windows 7 PCs More Insecure

March 29, 2018Swati Khandelwal
Meltdown CPU vulnerability was bad, and Microsoft somehow made the flaw even worse on its Windows 7, allowing any unprivileged, user-level application to read content from and even write data to the operating system's kernel memory. For those unaware, Spectre and Meltdown were security flaws disclosed by researchers earlier this year in processors from Intel, ARM, and AMD, leaving nearly every PC, server, and mobile phone on the planet vulnerable to data theft. Shortly after the researchers disclosed the Spectre and Meltdown exploits , software vendors, including Microsoft, started releasing patches for their systems running a vulnerable version of processors. However, an independent Swedish security researcher Ulf Frisk found that Microsoft's security fixes to Windows 7 PCs for the Meltdown flaw—which could allow attackers to read kernel memory at a speed of 120 KBps—is now allowing attackers to read the same kernel memory at a speed of Gbps, making the issue even wo
Intel Warns Users Not to Install Its 'Faulty' Meltdown and Spectre Patches

Intel Warns Users Not to Install Its 'Faulty' Meltdown and Spectre Patches

January 23, 2018Swati Khandelwal
Don't install Intel's patches for Spectre and Meltdown chip vulnerabilities. Intel on Monday warned that you should stop deploying its current versions of Spectre/Meltdown patches , which Linux creator Linus Torvalds calls 'complete and utter garbage.' Spectre and Meltdown are security vulnerabilities disclosed by researchers earlier this month in many processors from Intel, ARM and AMD used in modern PCs, servers and smartphones (among other devices), which could allow attackers to steal your passwords, encryption keys and other private information. Since last week, users are reporting that they are facing issues like spontaneous reboots and other 'unpredictable' system behaviour on their affected computers after installing Spectre/Meltdown patch released by Intel. Keeping these problems in mind, Intel has advised OEMs, cloud service providers, system manufacturers, software vendors as well as end users to stop deploying the current versions of it
New Intel AMT Security Issue Lets Hackers Gain Full Control of Laptops in 30 Seconds

New Intel AMT Security Issue Lets Hackers Gain Full Control of Laptops in 30 Seconds

January 12, 2018Swati Khandelwal
It's been a terrible new-year-starting for Intel. Researchers warn of a new attack which can be carried out in less than 30 seconds and potentially affects millions of laptops globally. As Intel was rushing to roll out patches for Meltdown and Spectre vulnerabilities , security researchers have discovered a new critical security flaw in Intel hardware that could allow hackers to access corporate laptops remotely. Finnish cyber security firm F-Secure reported unsafe and misleading default behaviour within Intel Active Management Technology (AMT) that could allow an attacker to bypass login processes and take complete control over a user's device in less than 30 seconds. AMT is a feature that comes with Intel-based chipsets to enhance the ability of IT administrators and managed service providers for better controlling their device fleets, allowing them to remotely manage and repair PCs, workstations, and servers in their organisation. The bug allows anyone with phy
Huge Flaws Affect Nearly Every Modern Device; Patch Could Hit CPU Performance

Huge Flaws Affect Nearly Every Modern Device; Patch Could Hit CPU Performance

January 03, 2018Swati Khandelwal
UPDATE: Researchers have finally disclosed complete technical details of two kernel side-channel attacks, Meltdown and Spectre — which affect not only Intel but also systems and devices running AMD, ARM processors —allowing attackers to steal sensitive data from the system memory. ____________ The first week of the new year has not yet been completed, and very soon a massive vulnerability is going to hit hundreds of millions of Windows, Linux, and Mac users worldwide. According to a blog post published yesterday, the core team of Linux kernel development has prepared a critical kernel update without releasing much information about the vulnerability. Multiple researchers on Twitter  confirmed that Intel processors (x86-64) have a severe hardware-level issue that could allow attackers to access protected kernel memory, which primarily includes information like passwords, login keys, and files cached from disk. The security patch implements kernel page-table isolation (KP
Critical Flaws in Intel Processors Leave Millions of PCs Vulnerable

Critical Flaws in Intel Processors Leave Millions of PCs Vulnerable

November 21, 2017Swati Khandelwal
In past few months, several research groups have uncovered vulnerabilities in the Intel remote administration feature known as the Management Engine (ME) which could allow remote attackers to gain full control of a targeted computer. Now, Intel has admitted that these security vulnerabilities could "potentially place impacted platforms at risk." The popular chipmaker released a security advisory on Monday admitting that its Management Engine (ME), remote server management tool Server Platform Services (SPS), and hardware authentication tool Trusted Execution Engine (TXE) are vulnerable to multiple severe security issues that place millions of devices at risk. The most severe vulnerability (CVE-2017-5705) involves multiple buffer overflow issues in the operating system kernel for Intel ME Firmware that could allow attackers with local access to the vulnerable system to " load and execute code outside the visibility of the user and operating system. " The
First-Ever Data Stealing Malware Found Using Intel AMT Tool to Bypass Firewall

First-Ever Data Stealing Malware Found Using Intel AMT Tool to Bypass Firewall

June 09, 2017Swati Khandelwal
It's not hard for a well-funded state-sponsored hacking group to break into corporate networks and compromise systems with malware, but what's challenging for them is to keep that backdoor and its communication undetectable from a firewall and other network monitoring applications. However, a cyber-espionage group known as " Platinum ," that is actively targeting governmental organisations, defense institutes, and telecommunication providers since at least 2009, has found a way to hide its malicious activities from host-based protection mechanisms. Microsoft has recently discovered that the cyber-espionage group is now leveraging Intel's Active Management Technology (AMT) Serial-over-LAN (SOL) channel as a file-transfer tool to steal data from the targeted computers without detection. Intel-based chip sets come with an embedded technology, called AMT, which is designed to allow IT administrators to remotely manage and repair PCs, workstations, and serve
Explained — How Intel AMT Vulnerability Allows to Hack Computers Remotely

Explained — How Intel AMT Vulnerability Allows to Hack Computers Remotely

May 05, 2017Swati Khandelwal
Earlier this week Intel announced a critical escalation of privilege bug that affects its remote management features shipping with Intel Server chipsets for past 7 years, which, if exploited, would allow a remote attacker to take control of vulnerable PCs, laptops, or servers. The vulnerability, labeled CVE-2017-5689 , affects Intel remote management technologies, including Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT) software, versions 6 through 11.6. The flaw was originally discovered by Maksim Malyutin, a member of Embedi research team, in mid-February, who then responsibly disclosed it to the Intel security team. My previous article , published earlier this week, was based on the partial information shared by Maksim to The Hacker News, as the reported Intel AMT vulnerability was highly critical and can be exploited remotely, Embedi held technical details until most sysadmins update their systems with a
Exclusive Deals

Get Daily News Updates By Email

Join over 350,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.