QA Financial Forum Chicago | 9 April 2024 | BOOK TICKETS
Search
Close this search box.

Intel Discloses Another CPU Vulnerability

abstract7-1569408622

Intel has released firmware and software updates to mitigate security flaws in all processors manufactured since 2015, in what has become the company’s third security flaw to be discovered since January this year. The security update was released after researchers reported the latest attack, dubbed Foreshadow, which used methods similar to the Meltdown strike at the start of the year. Foreshadow was first reported by researchers at the universities of Leuven, Adelaide and Michigan. The attack revealed two related flaws. Successful exploitation of these vulnerabilities would allow malicious actors to access any data, stored in protected enclaves in memory created using SGX. Intel has advised users and systems administrators to check with their hardware and software suppliers for available updates and apply them as soon as practical, but said it was not aware of any of these methods having been used in real-world attacks. The news follows revelations from researchers at Ohio State University, which shed light on Spectre-like attacks in March this year, that could expose the contents of secure enclaves. However, Intel has reassured clients that existing mitigations for Spectre and Meltdown, in conjunction with an updated software development toolkit for SGX application providers, would block the attack.