- Intel on Tuesday disclosed recently discovered security flaws that could "allow unauthorized disclosure of information in the L1 data cache," adding that it is not aware of any real-world exploits thus far.
- Researchers discovered a "speculative execution attack," called L1 Terminal Fault (L1TF), that could be used to extract data, and informed Intel about it on January 3. Intel researchers subsequently found two more L1TF varieties that could affect virtual machines, hypervisors and memory in operating systems and system management modes. Researchers dubbed the initial vulnerability "Foreshadow" and the subsequent variants "Foreshadow-Next Generation (NG)."
- Customers with nonvirtualized operating systems will face low risk following system updates, but those with traditional virtualized systems may require additional protections, such as hypervisor core scheduling features or avoiding hyperthreading in certain situations, according to Intel.
The vulnerabilities affect microprocessor products that support the company's Software Guard Extensions (SGX), an architecture for developers that uses enclaves to protect against the alteration or disclosure of data and code. SGX is a feature in modern Intel CPUs that, even if a system is compromised by an attacker, continues to protect users' data or code, according to the researchers who found the bug.
The Foreshadow vulnerabilities could be exploited to access SGX-protected memory, and trust in an entire SGX ecosystem could be lost with just one exploited SGX machine.
Foreshadow-NG could be particularly devastating because it also allows malicious actors to access information in other virtual machines on the same cloud infrastructure and bypass countermeasures to the Meltdown and Spectre flaws, researchers said.
Security teams at companies using Intel products will need to audit systems to check for SGX architecture and what kind of virtualized system is in use, then roll out system updates and protections. Still recovering from the Spectre and Meltdown flaws, Intel will have to roll out fixes that are not also bogged down by performance issues.
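The audit described above can be scripted per host. The following is an added example, not code from Intel or from the researchers: it assumes a Linux host whose kernel exposes its L1TF state under `/sys/devices/system/cpu/`, and the function names, the optional `ROOT` argument and the `ok`/`review`/`action` labels are this example's own.

```shell
#!/bin/sh
# Added example: per-host L1TF audit from Linux sysfs and /proc/cpuinfo.
# The optional ROOT argument is an assumption of this example: it points the
# checks at a copied or constructed tree instead of the live "/".

l1tf_status() {   # kernel's own verdict; "unknown" if the kernel predates the sysfs file
    cat "${1:-}/sys/devices/system/cpu/vulnerabilities/l1tf" 2>/dev/null || echo unknown
}

smt_state() {     # on | off | forceoff | notsupported | notimplemented | unknown
    cat "${1:-}/sys/devices/system/cpu/smt/control" 2>/dev/null || echo unknown
}

has_cpu_flag() {  # has_cpu_flag ROOT FLAG; -w keeps "sgx" from matching "sgx_lc"
    grep -m1 '^flags' "$1/proc/cpuinfo" 2>/dev/null | grep -qw -- "$2"
}

l1tf_audit() {
    root="${1:-}"
    status=$(l1tf_status "$root")
    smt=$(smt_state "$root")

    role=bare-metal
    [ -d "$root/sys/module/kvm_intel" ] && role=kvm-host   # KVM on Intel VT-x is loaded
    has_cpu_flag "$root" hypervisor && role=guest          # running under a hypervisor

    sgx=no   # the "sgx" flag is only reported by kernels with SGX support built in
    has_cpu_flag "$root" sgx && sgx=yes

    case "$status" in
        "Not affected")                     verdict=ok ;;
        unknown)                            verdict=review ;;  # no kernel verdict to rely on
        Vulnerable*|*"VMX: vulnerable"*)    verdict=action ;;  # updates or L1D flush missing
        *"SMT vulnerable"*)                 # mitigated, but sibling threads share the L1D
            if [ "$role" = kvm-host ]; then verdict=review; else verdict=ok; fi ;;
        *)                                  verdict=ok ;;
    esac
    echo "role=$role sgx=$sgx smt=$smt verdict=$verdict l1tf=$status"
}
```

Called with no argument, `l1tf_audit` reads the live host. A `review` verdict on a `kvm-host` marks the machines where the hyperthreading and core scheduling decision applies.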