Intel has a new security problem called Foreshadow impacting its processors

Foreshadow is a new security flaw discovered by researchers, which can have serious impact on enterprise machines, cloud computing powered by Intel's processors

Foreshadow, Intel Foreshadow flaw, Foreshadow attack, Foreshadow security flaw, Intel security flaw, Intel foreshadow attack, Intel foreshadow vulnerability

Intel Foreshadow vulnerability: This latest flaw puts most of Intel processors at risk and is bad news for enterprises, cloud computing.

After the Spectre and Meltdown security flaws, there’s a new security flaw that can cause trouble specifically for Intel processor. Foreshadow is a new security issue discovered by researchers, which can have serious impact on enterprise machines, cloud computing devices, etc powered by Intel’s processors.

Researchers who discovered Foreshadow have put up a dedicated website explaining the vulnerability. According to the researchers, “Foreshadow is a speculative execution attack on Intel processors which allows an attacker to steal sensitive information stored inside personal computers or third party clouds.”

It has two versions: One which can steal information from Software Guard Extensions (SGX) and the other which can impact Virtual Machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory. The second version is also being called Foreshadow Next-Generation or Foreshadow-NG.

In an advisory issued by Intel, it refers to the vulnerability as L1 Terminal Fault (L1TF) and admits it can be used to run malicious code and steal data from these machines. According to Foreshadow website, SGX is Intel’s own Trusted Execution Environment (TEE), which allows for running secure program execution in untrusted environments.

All data operating on SGX is placed inside a secure enclave, but thanks to Foreshadow, this data can be stolen or compromised by running a malicious program.

When it comes to virtual machines, the Foreshadow-NG can allow for a malicious virtual machine running in the cloud to “potentially read data belonging to other virtual machines as well as data belonging to the cloud’s hypervisor.” In simple terms, for enterprise companies which are relying on virtual machines, this could prove to be a security nightmare.

A virtual machine is a software emulator of a physical computer, explain the researchers. Many enterprises uses and pay other cloud computing companies for the use of these virtual machines. With virtual machines, facing this threat, it also puts cloud computing at risk.

Story continues below this ad

It also looks like the next generation of Foreshadow can access the operating system kernel, which manages the computer’s memory and CPU time and has access to all the data stored in the memory.

According to researchers, the Foreshadow attack could allow a malicious program running on the computer to read some parts of the kernel’s data as well access data from other programs.

Intel has admitted the following processor are impacted by the issue. The list includes Intel Core i3 processor i5, i7, Intel Core M processor family. All second, third, fourth, fifth, sixth, seventh and eight generation of Intel processors are also on the list, which means the newer Skylake and Kaby Lake processors as impacted as well.

Intel Core X-series Processor Family for Intel X99 platforms, X299 platforms. Intel Xeon processors including 3400, 3600, 5500, 5600, 6500 and 7500 series. Intel Xeon Processor E3 v1/v2/v3/v4/v5/v6 Family, Xeon Processor E5 v1/v2/v3/v4 Family Xeon Processor E7 v1/v2/v3/v4 Family, Xeon Processor Scalable Family and Xeon Processor D (1500, 2100). The Intel Xeon processors are targetted for enterprises, servers, etc.

Story continues below this ad

Intel says it has worked on firmware, software updates which can provide protection against the Foreshadow attack.

Tags:
Intel