A brand new processor hardware vulnerability affecting modern Intel CPUs has been uncovered by Bitdefender researchers. Here’s what you need to know:
Every processor enforces hardware restrictions that separate the information available to an ordinary user from the information available to the operating system. If this safeguard could be removed, an application running under the currently logged-in user would be able to read memory regions reserved for the operating system, regions that are kept "off limits" to user mode so that the system keeps functioning properly. Keeping the operating system's information hidden also matters from a security perspective, because this is where the "secrets" live: passwords, encryption keys and so on.
Our proof of concept demonstrates that, with only six lines of code, this safeguard can be lifted and information available only to the operating system exposed. In effect, the vulnerability makes the Intel processor leak information that should be visible to the operating system alone.
The security impact is serious for several reasons:
- An unauthorised user can access information that does not belong to them; for example, anything from WiFi passwords and account passwords to encryption keys and private keys.
- This vulnerability can be exploited like any other "zero-day". A highly skilled attacker could use it to install malware, most likely a backdoor, that would remain completely undetected. This is exactly the type of vulnerability and mode of operation that a state-sponsored attacker would use for espionage.
- This is a hardware flaw that cannot be fixed other than by redesigning the processor (the silicon) or by physically replacing the CPU with a new, non-vulnerable unit.
- We might expect some "software" mitigations, especially from large vendors such as cloud service providers and data center operators, because the "multi-tenant" environments they run are the most affected by this vulnerability. In a multi-tenant environment, multiple users share the same physical resources, for example to build and run multiple virtual machines. A user with only a local account at that data center or cloud service provider could exfiltrate specific information by using this vulnerability. The problem is that such a user can access and exfiltrate any information present on the physical machine, belonging to every tenant of the premises.
- What happened to the victims of Meltdown can happen to those affected by this vulnerability.
How many computers are affected?
We cannot point to specific numbers, but since our proof of concept works on the Ivy Bridge, Haswell, Skylake and Kaby Lake CPU series, we are talking about millions of computers. Essentially, any modern data center will be affected by this vulnerability.
Have you been in touch with Intel about this incident?
Yes. We discovered this vulnerability in August 2018, when our technical team in Cluj, Romania was working to expand the Bitdefender HVI technology. Intel told us they needed several months to investigate and to create a strategy for communicating it.