www.scworld.com
Open in
urlscan Pro
2606:4700:20::ac43:473c
Public Scan
Submitted URL: https://packetstormsecurity.com/news/view/36536/Intel-And-AMD-Chips-Still-Vulnerable-To-Spectre-Flaw.html
Effective URL: https://www.scworld.com/news/intel-and-amd-chips-still-vulnerable-to-spectre-flaw
Submission: On October 30 via manual from US — Scanned from DE
Effective URL: https://www.scworld.com/news/intel-and-amd-chips-still-vulnerable-to-spectre-flaw
Submission: On October 30 via manual from US — Scanned from DE
Form analysis 1 forms found in the DOM
<form class="w-100" scmag-registration="set">
<div class="my-2 font-body"><label class="visually-hidden form-label" for="email">Business Email</label><input placeholder="Business Email*" required="" type="email" id="email" class="fs-7 text-black p-3 form-control" value=""></div>
<div class="fs-9 my-4">
<p>By clicking the Subscribe button below, you agree to SC Media <a class="text-underline" target="_blank" href="https://www.cyberriskalliance.com/terms-of-use">Terms of Use</a><span> and
</span><a class="text-underline" target="_blank" href="https://www.cyberriskalliance.com/terms-of-use#privacy-policy">Privacy Policy</a>.</p>
</div>
<div class="row"><button type="submit" class="col-6 btn btn-primary">Subscribe</button></div>
</form>Text Content
Log inRegister CISO Stories Topics Topic Hubs Events Podcasts Research Recognition About Open Search Bar ADVERTISEMENT Vulnerability Management, Network Security, Patch/Configuration Management INTEL AND AMD CHIPS STILL VULNERABLE TO SPECTRE FLAW October 29, 2024 Share By Steve Zurier (Adobe Stock) It's back — and it may have never left. More than six years after the Spectre flaw affecting CPUs was first reported, researchers learned that that Intel and AMD processors are still vulnerable to speculative execution attacks. In a study posted by ETH Zurich, a public research university in Switzerland, the researchers said the attacks mainly seek to exploit the Indirect Branch Predictor Barrier (IBPB) on x86 chips, a chip’s built-in security mechanisms for warding off speculative execution attacks. Modern CPUs depend on speculative execution to optimize a chip’s performance by predicting the future path of code execution and executing certain instructions ahead of time. If these predictions are correct, this "pre-execution" reduces delays and speeds up system performance. ADVERTISEMENT The problem with Spectre speculative execution attacks: An attacker could intentionally manipulate the speculative execution process to access data they normally wouldn't be authorized to read. “They might force a CPU to mispredict to gain access to cached information like encryption keys or personal data from another process,” said Callie Guenther, senior manager of cyber threat research at Critical Start. “This kind of attack sidesteps traditional access controls by focusing on unintended microarchitectural behavior, which is difficult to detect and prevent with standard security checks." The ETH Zurich researchers said these new issues were disclosed to Intel and AMD in June 2024, and both companies confirmed their respective issues. Intel has made a microcode patch available to address the issue, CVE-2023-38575. AMD has been tracking the vulnerability for the past couple of years as CVE-2022-23824, according to its advisory. “Intel informed us that their issue, tracked under INTEL-SA-00982, had been found internally and fixed in a microcode update,” wrote the ETH Zurich researchers. “This microcode update was, however, not available in Ubuntu repositories at the time of writing this paper. We are currently working with the Linux kernel maintainers to merge our proposed software patch.” John Gallagher, vice president of Viakoo Labs, said speculative execution has been around for more than 20 years, and today all modern CPUs use this approach — it significantly speeds up processing, even accounting for times it might get the anticipated instructions wrong. Gallagher said if this approach was not available, we would see a significant drop in CPU performances, thus creating a giant business impact from slower processing. “Chip-level vulnerabilities are typically hard to patch,” said Gallagher. “Organizations should have a ‘defense-in-depth’ approach to security, where even if data is compromised from reading chip-level caches there would be other ways to stop an attacker from using it. In addition, ensuring key systems are on segmented networks is important to prevent lateral movement.” Guenther, an SC Media columnist, offered six tips for security teams to mitigate against speculative execution attacks: Stay updated on microcode patches: Intel and AMD regularly release microcode updates that address known vulnerabilities. Security teams should ensure that these updates are applied promptly to all affected hardware. Microcode updates are crucial as they address vulnerabilities at the firmware level, reducing the attack surface. Enable speculative execution mitigations: Even though these mitigations may have performance implications, such as IBPB, Single Thread Indirect Branch Predictors (STIBP), and Retpoline, they are critical to reducing the risk posed by speculative execution attacks. Understanding the trade-offs between performance and security in your environment is key. Leverage software-based defenses: Implement memory-safe programming techniques and encourage the use of compiler-based mitigations like Control Flow Integrity (CFI). These help in making exploitation of speculative execution more difficult. Monitor and isolate sensitive processes: Segment and limit high-privilege code execution from lower-privilege processes. Ensure that sensitive applications or services do not share CPU cores with potentially malicious or untrusted workloads. Implement rigorous access controls and sandboxing: Limit a user-level application’s ability to execute untrusted code that might trigger speculative execution bugs. In scenarios where untrusted code must be executed, consider using isolated environments like containers or virtual machines. Perform risk assessments: Regularly assess the impact of speculative execution vulnerabilities in the context of the organization’s specific threat model. This is especially crucial in shared environments like cloud infrastructure or multi-tenant data centers. AN IN-DEPTH GUIDE TO NETWORK SECURITY Get essential knowledge and practical strategies to fortify your network security. Learn More Steve Zurier RELATED Vulnerability Management UNOFFICIAL FIXES ISSUED FOR WINDOWS THEMES ZERO-DAY SC StaffOctober 30, 2024 ACROS Security has released free unofficial fixes for a zero-day flaw in Windows Themes, which could be leveraged to facilitate the remote compromise of NTLM credentials on devices running on Windows 7 to Windows 11 24H2. Ransomware THOUSANDS OF VULNERABLE CYBERPANEL INSTANCES TAKEN DOWN IN PSAUX RANSOMWARE ATTACK SC StaffOctober 30, 2024 Most of the vulnerable CyberPanel implementations, which could be taken over using the security issue, were in the U.S., followed by Germany, Singapore, Indonesia, and India, according to threat intelligence search engine LeakIX. Managed Services MODERNIZING YOUR SECURITY OPERATIONS: BRIDGING THE SKILLS GAP WITH MDR Paul WagenseilOctober 30, 2024 Today's cybersecurity needs may be too demanding for a single team to handle. Here's why even the largest enterprises can benefit from external managed detection and response (MDR) services. RELATED EVENTS * Cybercast BALANCING ACT: PRIORITIZING VULNERABILITIES AND MISCONFIGURATIONS IN VULNERABILITY MANAGEMENT On-Demand Event * Cybercast CISO PERSPECTIVES TO IMPROVE/OPTIMIZE VULNERABILITY MANAGEMENT On-Demand Event * Cybercast EXPOSURE MANAGEMENT: HOW ORGANIZATIONS CAN USE IT TO BUILD CYBER RESILIENCE On-Demand Event Related Terms ACK PiggybackingBroadcast AddressCache PoisoningCall Admission Control (CAC)CellCollisionCrossover CableDecapsulationDemilitarized Zone (DMZ)Disassembly ADVERTISEMENT GET DAILY EMAIL UPDATES SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy. Subscribe -------------------------------------------------------------------------------- ABOUT US SC MediaCyberRisk AllianceContact UsCareersPrivacy GET INVOLVED SubscribeContribute/SpeakAttend an eventJoin a peer groupPartner With Us EXPLORE Product reviewsResearchWhite papersWebcastsPodcasts Copyright © 2024 CyberRisk Alliance, LLC All Rights Reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization. Your use of this website constitutes acceptance of CyberRisk Alliance Privacy Policy and Terms of Use. COOKIES This website uses cookies to improve your experience, provide social media features and deliver advertising offers that are relevant to you. If you continue without changing your settings, you consent to our use of cookies in accordance with our privacy policy. You may disable cookies. Accept cookies