Researchers have discovered several new problems.
Researchers have discovered another critical vulnerability of Intel processors, which allows hackers to quietly read protected information, such as user passwords. A new vulnerability called Foreshadow (“omen” in English). Potentially more dangerous than discovered earlier this year, the Spectre, and Meltdown.
In the beginning of 2018 has reported the two vulnerabilities of modern Central computer processors that are associated with the so-called speculative execution of code – a feature that is used in modern architectures by Intel and AMD. Because of these vulnerabilities, attackers can transparently to the user and the system to access secure areas of CPU memory which stores the most valuable information. Learning of this, manufacturers began to release a software update that should fix the situation and not allow to take advantage of these flaws.
Now researchers have discovered several new problems that have received one name – Foreshadow. This time they only affect Intel chips, AMD in this way cannot be broken. Foreshadow allows an attacker to conduct a so-called attack side channel that also enables access to CPU memory, where are the passwords and encryption keys. In particular danger are the computers on which the cloud services.
Detect vulnerabilities specialists reported it to the manufacturer a few months ago, so Intel had to release patches. However, as all three vulnerabilities – Foreshadow, Spectre and Meltdown associated with the processor architecture, the code change doesn’t guarantee you can’t use them. However, experts note that to use these gaps in reality is very difficult: so far, no confirmed case that someone was able to do it.
© 2018, paradox. All rights reserved.
