Intel Chips Hit with New “Foreshadow” Security Exploit

Security flaw is similar to Spectre and Meltdown weaknesses, but goes one step further.

Researchers have found a new weakness in Intel’s chips that make them vulnerable to hackers and malicious software. The chipmaker announced that it is already deploying a fix.

Named Foreshadow, the flaw exists in Intel processor hardware cores, where the computer’s cache data can be accessed by an attacker using vulnerabilities in the hardware.

According to the researchers who identified Foreshadow, it is a speculative execution attack that allows an attacker to steal sensitive information stored inside personal computers or third-party clouds. It has two versions. The original attack is designed to extract data from software guard extensions (SGX) enclaves. A newer version affects virtual machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and system management mode (SMM) memory.

The implications are that malicious applications may be able to retrieve data in the OS memory, malicious guest VM could extract data in the VM memory, malicious software running outside of SMM could access data in SMM memory and malicious software could pull data from within another SGX enclave.

This is the third time this year that security flaws have been found in Intel chips. The previous ones were Spectre and Meltdown. Foreshadow is similar to Spectre. Unlike those earlier exploits, it affects chips with SGX architecture extensions, which are designed to protect data and applications from interference. 

SGX allows programs to establish secure enclaves on Intel processors: regions of a chip that are walled off to run code that the computer’s OS can’t access or change. The enclave is supposed to create a secure space for sensitive data, even if malware compromises the main computer. Foreshadow could undermine this security measure.

Intel: understanding the Foreshadow flaw.

“When you look at what Spectre and Meltdown did not break, SGX was one of the few things left,” said Daniel Genkin, a security researcher who helped discover Foreshadow. “SGX was mostly spared by Spectre, so it was the logical next step.”

The chipmaker quickly released microcode that partially protects against Foreshadow. Microsoft is also pushing out Windows 10 microcode updates for Intel processors affected by Spectre variants and Foreshadow. Linux is also expected to start getting fixes.

Intel claims that while the bug is admittedly serious, the company is not aware of any real-world attacks using the exploit. The chipmaker maintains that this kind of research, which is important, represents risks that are extremely limited in practice. Attacks using Foreshadow are difficult and impractical to carry out, particularly when cheap, easy and effective techniques like phishing and malware distribution are available.

It is highly recommended that engineering.com readers keep their devices up to date as security patches are made available.

Read more about Intel chip security weaknesses at Spectre and Meltdown: How Did This Happen?