Computers and servers running latest-generation Intel processors are vulnerable to a new attack discovered in May by Bitdefender.
After Spectrum, Meltdown or ZombieLoad, a new loophole was detected three months ago by the Romanian security company Bitdefender. This time, it concerns Intel processors of last generation. This means that all computers, laptops and servers that ship them are potentially at risk. And the defense mechanisms put in place during the previous attacks will not be able to protect them.
On the occasion of the Black Hat conference, Bitdefender explained that the vulnerability of these processors is at the level of the speculative execution feature. The latter is to guess the instructions that will potentially be used later to make the processors faster. However, this can leave traces exploitable by hackers and allow them to lead an attack “by auxiliary channel” .
The Microsoft security patch is already ready
“By resorting to this attack, criminals would be able to uncover the crucial information best protected by businesses and individuals, and carry out theft, blackmail, sabotage and espionage operations. The research on this attack is extremely advanced because it focuses on the very foundations of the operation of modern processors and requires in-depth knowledge of processors, operating systems and attacks by channel auxiliary speculative execution in general. ” —- President Bitdefender, Gavin Hill, Said in a press release
Bitdefender says that it has been working with Intel for over a year and Microsoft has already developed a patch to counter this attack. But by the time companies apply it, the publisher of course recommends using its own Hypervisor Introspection tool. This software would provide effective protection by analyzing virtual machine memory and identifying suspicious objects.