Saturday , September 26 2020

Intel's latest processors are still affected by security vulnerabilities


Security flaws in processors unveiled in early 2018 continue to poison Intel's existence. The new variant of Zombieload, a security vulnerability discovered a few months ago, particularly affects the Cascade Lake processors, the latest generation of Intel server and desktop processors.

Cascade Lake processor (Intel image).

This is all the more embarrassing that this generation had to precisely fill these processor deficiencies. However, security researchers have been able to prove that this generation is still suffering from loopholes that allow for the recovery of sensitive and normally protected information. To make matters worse, the measures implemented by the software are insufficient to protect against this new variant.

Intel has been aware of this variant since the spring, but so far it has failed to fully fill the void. The founder has released an update that is partially responsive, but admits from the outset that this is not an absolute solution. Not surprisingly, we now know that these security vulnerabilities are so deep in the architecture of modern processors that they choose to choose between performance and security:

How to prove once again the complexity of modern processors and related holes, another team of researchers has now released evidence that another flaw that was thought to be right is not entirely true. This time, it's RIDL, a flaw, as always based on speculative execution of Intel processors and their vulnerabilities to extract information that the user should not have access to.

Intel has released an update, but researchers say the repair was incomplete. In evidence, they offer this specific video showing how to recover the password clearly within thirty seconds of Linux distribution.

Source link