Menu
Bitdefender finds modern Intel CPUs at risk

Bitdefender finds modern Intel CPUs at risk

Vulnerability able to bypass preventative methods used to protect CPUs from 2018’s Spectre and Meltdown

The exploit bypasses all known mitigations implemented after the discovery of Spectre and Meltdown in early 2018.

The exploit bypasses all known mitigations implemented after the discovery of Spectre and Meltdown in early 2018.

Credit: Dreamstime

Cyber security firm Bitdefender has revealed the existence of a new vulnerability that targets modern Intel CPUs running Windows that utilise speculative-execution.

The exploit focuses on speculative-execution via side-channel, which is used by modern Intel CPUs to try to guess what instruction users might input next in order to increase the operational speed.

This can result in traces being left in the cache, and combined with specific instruction from Windows operating systems – referred to as SWAPGS – within a gadget, these traces can leak privileged, kernel memory. 

As a result, attackers can exploit this SWAPGS attack to access confidential data like passwords, tokens, conversations and encryption from both enterprise and home users, according to Gavin Hill, vice president for  data centre and network security products at Bitdefender.

“Criminals with knowledge of these attacks would have the power to uncover the most vital, best-protected information of both companies and private individuals around the world, and the corresponding power to steal, blackmail, sabotage and spy,” said Hill.

“Research into these attacks is on the cutting edge as it gets to the very roots of how modern CPUs operate and requires a thorough understanding of CPU internals, OS internals, and speculative-execution side-channel attacks in-general.”

This new vulnerability has been described by Bitdefender as being able to bypass preventative methods used to protect CPUs from 2018’s Spectre and Meltdown.

In order to protect Intel computers, Bitdefender has been working with Intel for over a year on the vulnerability, while Microsoft and other ecosystem partners have been distributing patches or planning to issue patches; it’s not something that can be fixed with just antivirus software, according to Bogdan Botezatu, senior e-threat analyst at Bitdefender.

“[It’s] also important to note, this vulnerability exploit is designed to exfiltrate data without leaving any traces and takes considerable effort. That's why the usual target is generally a prominent data centre or a large enterprise infrastructure,” Botezatu said.

“These side-channel attacks are extremely sophisticated and can do significant damage, they are not a common strand of malware that someone can simply prevent with antivirus software.”

Due to the SWAPGS attack’s sophistication, it can be difficult for users to identify what has been lost, Botezatu added.

“Exploiting this vulnerability leaves no traces and any internal audit will likely never reveal anything wrong or any data that has been copied by the attacker. The reality is that if the vulnerability has been exploited and a memory kernel has been exfiltrated you cannot guess or assess what exactly you lost,” Botezatu said.

“To stop future attempts you need to patch the vulnerability with Microsoft updates.”


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags bitdefender

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments