When Specter (a class of critical vulnerabilities affecting modern microprocessors) was publicly disclosed in January 2018, researchers said, it wasn’t easy to fix and would haunt us for years to come. a long time.
The security hole exists for more than 3 years, but Intel has not been able to fix it. Photo: CIO Indeed, 3 years have passed, and there is still no end to the vulnerability. Meanwhile, experts from the University of Virginia and the University of California, San Diego, have discovered a new attack method that bypasses all current Specter protections built into the chip. This attack method has the potential to put almost any system – desktops, laptops, cloud servers and smartphones – once again at risk. Revealing Specter ushered in a wave of more powerful attacks, allowing malicious code to directly read passwords, encryption keys, and other valuable information from the computer’s kernel memory. Although chip manufacturers such as Intel, ARM and AMD already know this and combine defenses to reduce the threat from vulnerabilities, the methods have not yielded the desired effect. A Specter attack is capable of tricking the processor into executing instructions along a wrong path, the researchers say. Even though the processor recovers and completes its task correctly, hackers can still access confidential data while the processor goes in the wrong direction. The new attack method exploits what is called a micro-operator buffer (called micro-ops), an on-chip component that breaks machine instructions into simpler instructions and speeds up computation, like a secondary channel to reveal confidential information. Micro-op cache is built into Intel processors, manufactured since 2011. According to researchers at the University of Virginia, Intel’s defense proposal against Specter (called LFENCE) is to place sensitive code in a waiting area until security checks are done and only then the code Only sensitive is allowed to execute. However, research has shown how attackers can steal information through micro-op caching and use it as a secret channel. Although exploiting the Specter vulnerability is very difficult, the researchers say that with computers with a lot of sensitive data, hackers do not mind the difficulty. To protect the system from the new attack, the researchers propose to clear the micro-ops cache. This is a technical solution that comes at the expense of performance benefits. According to the researchers, micro-op caching has some dangerous effects. First, it ignores all caching reduction techniques such as side channels. Second, attacks in this zone go undetected like an existing attack or malware. Third, because the micro-op cache is at the front of the path, prior to execution, Intel’s Specter protections or recommendations to limit cache updates are still compromised. public.
You must log in to post a comment.