Foreshadow casts more shade on Intel | Avast

Intel started 2018 with an unfortunate bang — the Spectre and Meltdown flaws inherent in the architecture of their chips was the main topic of conversation in the cybersecurity world. While damage control continues regarding those vulnerabilities, another flaw has been flagged. Intel refers to the new flaw as Level 1 Terminal Fault, or L1TF, but security researchers have dubbed it something more colorful — Foreshadow, and it is present in Intel Core processors and Xeon chips.

Like Spectre and Meltdown, Foreshadow exploits the speculative execution feature. This feature maintains the processing speed and saves CPU resources by anticipating the user’s next move. By taking advantage of this flaw, hackers can make a shadow copy of the user’s sensitive information, even if it is protected by SGX, and then place that copy in an unprotected area of the CPU. Once that’s done, the hacker can now get into that data. 

While there have not yet been any reported attacks using Foreshadow, Intel urges users to keep their systems up to date and install the soon-to-be released patches. The company says it is focusing on fixing both the software and microcode (hardware) problems regarding this vulnerability.

Avast Security Researcher Martin Hron comments, “It’s serious and basically allows the hacker to cross all levels of isolation. They can get to another processor’s memory, a kernel, another virtual machine’s memory (provided that they are on the same physical machine), and even into the most privileged mode, which is SMM. In here, CPUs usually run things like management engine and firmware portions of code. The problem is that the hacker can recover and read any physical memory, which is a shared resource among all the components and privilege levels of the CPU.”

As Intel continues to improve chip architecture for future releases, Avast recommends that you keep your system secure by following these tips:

  1. Update your system — Make sure your operating system and apps are all up to date. Most updates issued are to cover security vulnerabilities, and you’re doing yourself and your network a favor by keeping everything updated.

  2. Use an antivirus — A strong antivirus will block and neutralize malware at the very sight of it. Download and install Avast Free Antivirus for effortless security, and keep yourself protected. Make sure the breaking news of this new flaw does not “foreshadow” any problems with your own network.

And  don’t freak out  these flaws are very hard to exploit and attackers usually prefer to use more convenient and easier ways of getting your data such as phishing. We will continue to keep you updated on the Meltdown, Spectre, and Foreshadow vulnerabilities as they evolve.



*** This is a Security Bloggers Network syndicated blog from Blog | Avast EN authored by Avast Blog. Read the original post at: https://blog.avast.com/foreshadow-vulnerability-news