Intel has disclosed another new security flaw affecting some of its more recent Core and Xeon CPUs called the L1 Terminal Fault, or Foreshadow. Intel doesn’t suspect anyone’s actually utilising the latest channel exploit for nefarious attacks, but it’s just another bug the company now must deal with after various side channel vulnerabilities erupted into the public domain back in January.
Intel hasn’t been having the best run when it comes to cybersecurity in 2018. The company was blasted at the start of the year by Meltdown and Spectre, two vulnerabilities that allowed malicious actors to infiltrate system memory and steal explicitly private data. Gaming performance wasn’t shaken all that much by the flaws, or their subsequent patches, but the exposure kicked off a renewed effort by Intel to track down and eradicate all other weak points in its processors.
The latest security report from Intel outlines a fault with similar consequences to those before it. The L1 Terminal Fault, or ‘Foreshadow’ attack if you desperately want it to sound cool and edgy, affects Core and Xeon processors from the 6th Gen or above, and was reported to Intel via researchers from various institutions across the globe: including the KU Leuven University, Israel Institute of Technology, University of Michigan, University of Adelaide, and Data61.
Just like those before it, the vulnerability makes the most out of a speculative execution vulnerability – specifically one found in Intel’s Security Guard Extensions (SGX). SGX is intended to keep sensitive code and data safe regardless of if the rest of a system has been compromised. However, the researchers found it was subject to a side channel bypass itself – essentially rendering its secure memory areas, known as ‘enclaves’, useless under certain conditions.
“We are not aware of reports that any of these methods have been used in real-world exploits,” Leslie Culbertson, VP and general manager of security, says on Intel’s security blog post. “But this further underscores the need for everyone to adhere to security best practices.”
But because this flaw is similar in nature to those before it, Intel’s incoming hardware fix will patch up the hole. The fix has been confirmed for upcoming Cascade Lake Xeon chips, but it looks likely that Intel’s octacore i9 9900K and Coffee Lake refresh will receive the in-silicon patch, too.
Intel’s current CPU install base will have to make do with microcode updates, which, when paired with new OS and hypervisor updates releasing immediately, will also reduce the threat from the speculative execution flaw. A small number of data centres, which are exposed to an increased risk due to virtualisation across their systems, are being told to disable hyperthreading to ensure security for the time being.
According to Intel, non-virtualised computer systems aren’t quite as susceptible to attack as data centres, however. That doesn’t mean you should ignore any and all patches for your CPU and OS, but seeing as gamer’s don’t like to share resources, this means the threat of a L1TF breach on a gamer’s system is almost negligible once partially mitigated.
For those wondering, AMD has confirmed its CPUs are not affected by the Foreshadow attack.