New Intel Processor Vulnerability, “Foreshadow,” Allows Attackers to Steal Data

It just gets harder and harder to keep our technology safe from prying eyes and hands. It seems every time we turn around a new security flaw is turning up. This newest flaw, called “Foreshadow,” affects Intel processors. This means the same parts that are designed as the “brains” of our machines are also making our systems less secure.

Researchers from five different academic institutions located this vulnerability. Intel processors are supposed to be secure, as they are defended by Software Guard Extensions (SGX) that allow programs to set up secure enclaves on the processors.

Yet, these researchers explain Foreshadow as a “speculative execution attack on Intel processors which allows an attacker to steal sensitive information stored inside personal computers or third party clouds.

“Foreshadow has two versions: the original attack designed to extract data from Software Guard Extensions (SGX) enclaves and a Next-Generation version which affects Virtual Machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory.”

Wired published a report that states the research speaks “to longstanding questions and concerns about reliance on SGX – and whether for all its benefits it also has the downside of becoming a single point of failure for everyone’s most sensitive software and data.”

news-foreshadow-hacker

They add that while “not every user relies on SGX, more and more secure services are exploring the possibility of using it in their consumer products – like the password manager 1Password and the end-to-end encrypted messaging app Signal.”

One of the researchers, Yuval Yaron, a microarchitecture security researcher, stressed the seriousness of Foreshadow by stating it’s “not an attack on a particular user; it’s an attack on infrastructure.”

Intel started releasing a fix for Foreshadow via updates on August 14, 2018. Leslie Culbertson, the executive vice president of production assurance and security for Intel, wrote in a blog post that they are not aware of any method being used in real-world exploits yet.

Regardless of that, Intel is still encouraging users to keep everything up to date on their systems and to take all necessary precautions to prevent malware.

The researchers set up a website where they detail why they chose to call this new chip vulnerability Foreshadow.

news-foreshadow-risk

“In literature ‘foreshadowing’ is used to indicate a trick where a writer provides a subtle hint of what is to come later in the story. Analogous to how a good storyteller tries to keep the outcome of the story (mostly) secret, the speculative execution mechanisms found in modern processors do not directly leak secrets.

“In the storytelling analogy the Foreshadow attack shows, however, that clever adversaries can abuse subtle hints in the present to reconstruct secrets from future instructions.”

That explanation provided by the researchers is particularly ominous and doesn’t leave a safe feeling. Sure, they’ve identified this vulnerability, but it hasn’t hit yet. And along with their name, “Foreshadow,” we know there’s a hint of something bad on the horizon. Perhaps it’s even worse than researchers are imagining.

Above all, it’s super important here to follow Intel’s advice to keep your system up to date, as they’re working on rolling out a fix. And as they suggested, make sure you take all necessary steps to neutralize malware.

How does this news sit with you? Are you still worried about what’s to come in the future? Or are you comfortable with Intel saying they are releasing a fix? Add your thoughts and concerns regarding Foreshadow in the comments section below.

Leave a Reply

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.