Foreshadow, the new Intel security threat

After Spectre and Meltdown, and the wishful patching of Intel’s security holes, now there is “Foreshadow”

Intel has been notified by various researchers that yet another security gap has been found in their processors.  The vulnerability affects its chip security technology called Software Guard Extensions (SGX).  This technology has been used in Intel processors since  2015 (2nd generation i3,i5,i7,xeon 3400+, X99 and X299 and later/above.  1st gen i* and Core2Duo or earlier are safe. 

In addition to impacting the SGX, Foreshadow exploits Intel’s speculative execution component.  This feature uses behavioral analysis to determine which application or program the user is going to need next.  It then automatically opens it, to increased productivity.  If the program is not needed by the user, it will close automatically.  The problem with exploiting this function is the cached information that may be held within these applications, including usernames, passwords, personally identifiable data, etc.  Any cached information can be stolen by hackers through this exploit.

According to Kim Komando, Intel is releasing an update today, August 21st, which is supposed to patch the vulnerability.  Microsoft has also released an update to address the security vulnerability.

If your comment is considered off-topic a new topic will be created with your comment to continue a different discussion. This community is based on open and free communication, meaning we must all respect all in minimizing the exercise of freedom to disrupt such communication. Feel free to post what you think but keep in mind the subject matter discussed. It is just as easy to start a new topic as it is to dilute the content of an existing discussion.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.