Intel chips hit by another major security flaw

Intel chips hit by another major security flaw

Intel processors face another major security threat after researchers discover a new attack on the company’s hardware. Known as SGAxe, the attack targets a supposedly super-secure feature within Intel processors in the latest attempt to steal protected user data in a long series of attacks since the Meltdown and Spectre threats of 2018.

Intel says it has already released fixes and patches to cover some of the damage, but some issues still remain a threat, with machines using the company’s 9th generation Coffee Lake Refresh processors at a particular risk. SGAxe violates the security guarantees of Intel Software Guard eXtensions (SGX) services, which protect the internal operation of a system in addition to vital data such as passwords and encryption keys.

Developed by the company, SGX is a security feature built into Intel processors that allow apps to work and run within blocks of secure memory known as “enclaves” – protected software containers that provide hardware-based memory encryption for high-end protection. Using SGAxe, an attacker can steal legitimate SGX statement keys from Intel’s citing enclave in existing SGX machines, meaning they can then impersonate such systems and access target devices.

The investigators note that there is no evidence that the error was exploited in the wild, but warned Intel as soon as it was discovered. But SGAxe appears to be an evolution of the CacheOut attack unveiled in January, with the two exploits able to work together to hack into systems.

Intel says it is working on a fix to cover both attacks, with a microcode update coming soon.

“The CacheOut investigators have recently informed us of a new document called SGAxe,” said Intel Director of Communications Jerry Bryant in a statement.

It is important to note that SGAxe is based on CVE-2020-0549 which has been weakened in microcode (confirmed by the researchers in their updated CacheOut paper) and distributed to the ecosystem. The company has also published a list of affected processors for users who want to see if their systems are at risk.

Compsmag
Logo
Shopping cart