SgxPectre, SgxPectre is the new vulnerability that affects Intel processors,

SgxPectre is the new vulnerability that affects Intel processors

Just a few weeks ago we reported on the massive vulnerability in Intel processors caused by the bugs Meltdown and Specter.

SgxPectre, SgxPectre is the new vulnerability that affects Intel processors,

SgxPectre is the new vulnerability that affects Intel processors

Now, a group of security researchers from the University of Ohio, United States, has discovered a variation of Specter, called SgxPectre. The SGX (Intel Software Guard eXtensions) is a technology for developers that gives the possibility to protect the code and its modification or disclosure of data. The Intel SGX allows executing code of an application within an Intel SGX enclave. That represent the execution areas protected in the memory.

How Intel Tackle that problem of SgxPectre

In the case of Meltdown, this bug could allow hackers to read all the information in the physical memory of users’ computers. So, granting them full access to their credentials and confidential information. For its part, Specter would allow applications in user mode to subtract data from other processes executed in the system. As well as enable extracting data from their process through the code.

However, neither Meltdown nor Specter allows hackers to steal data from SGX enclaves. Also, that occurs with the new SgxPectre, which exploits bugs in Intel’s CPU to reveal the content of this enclave. In this regard, experts say that almost any enclave program could be vulnerable to the SgxPectre attack.

However, these types of attacks could take advantage of specific code patterns in software libraries. That allows developers to incorporate support for SGX in their application. Basically, it is a new vulnerability of lateral channel cache against enclave programs.

Analysts at the University of Ohio said that their study was based on observing the patterns of execution of the repetitive code that is introduced in the enclaves by the software development kits, in addition to the variation associated with the size of the cache.

For its part, Intel expects to combat the new vulnerability SgxPectre with a security update that will be launched on March 16. In the case of developers, they must update their application using the new version of the SDK.

Related posts:

SgxPectre, SgxPectre is the new vulnerability that affects Intel processors,
A new variant of Software Guard Extensions SGXSpecter vulnerability is discovered in Intel processors
SgxPectre, SgxPectre is the new vulnerability that affects Intel processors,
NetCat, another vulnerability in Intel Xeon puts AMD at the top of the server market
SgxPectre, SgxPectre is the new vulnerability that affects Intel processors,
Eight new vulnerabilities discovered in Intel processors
SgxPectre, SgxPectre is the new vulnerability that affects Intel processors,
All modern processors are susceptible to Meltdown and Specter vulnerabilities
SgxPectre, SgxPectre is the new vulnerability that affects Intel processors,
Intel Core i9-9900K processors are protected from meltdown and specter vulnerabilities
SgxPectre, SgxPectre is the new vulnerability that affects Intel processors,
New security vulnerability affects Intel Skylake and Kaby Lake CPUs

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *