Intel disclosed three new Spectre-like vulnerabilities named Foreshadow that could allow hackers to access data that is supposed to be secured in protected areas on its Core chips or in the cloud.
The company’s Software Guard Extensions (SGX) technology enables enclaves — protected areas of execution in memory — on the chips where code cannot be modified or disclosed.
Foreshadow bugs, however, can launch attacks using a speculative execution side-channel method called L1 Terminal Fault (L1TF). It targets SGX enclaves as well as other microprocessors, operating systems, and virtualization software, and can allow hackers to access secure areas using malware disguised as a regular application.
Intel earlier this year released Microcode updates (MCUs) that it says will address the issue, and that users must also update their operating systems and hypervisors. However, like Spectre, Meltdown and the subsequent similar bugs spawned since January, Intel says researchers haven’t (yet) seen a Foreshadow attack in the wild.
“We are not aware of reports that any of these methods have been used in real-world exploits but this further underscores the need for everyone to adhere to security best practices,” wrote Leslie Culbertson, Intel’s executive vice president and general manager of product assurance and security. “This includes keeping systems up-to-date and taking steps to prevent malware.”
AMD in a security update on its website says Foreshadow doesn’t affect its chips. “As in the case with Meltdown, we believe our processors are not susceptible to the new speculative execution attack variants called Foreshadow or Foreshadow-NG due to our hardware paging architecture protections. We are advising customers running AMD EPYC processors in their data centers, including in virtualized environments, to not implement Foreshadow-related software mitigations for their AMD platforms.”
ARM did not immediately respond to inquiries about Foreshadow but noted last month that the “majority of ARM processors are not impacted by any variation of this side-channel speculation mechanism.”