In early 2018, Intel and AMD processor researchers discovered two important security holes, Spectrum, and Meltdown. Although damage measures have since been released by Intel, AMD, Microsoft, and other major software and software vendors, the method of attack, based on a process called speculative execution, has led researchers to discover a series of four new attacks that affected Intel processors since 2008, reported by Wired.
Intel has flagged the “Microarchitect Data Sampling (MDS) attacks. And while all four attacks are similar to Meltdown and Specter, these new MDS attacks (ZombieLoad, Fallout, and RIDL) seem to be easier to execute.
In these new cases, researchers found that they could use speculative execution to trick Intel’s processors into grabbing sensitive data that’s moving from one component of a chip to another. Unlike Meltdown, which used speculative execution to grab sensitive data sitting in memory, MDS attacks focus on the buffers that sit between a chip components, such as between a processor and its cache, the small portion of memory allotted to the processor to keep frequently accessed data close at hand.
The researchers found that speculative execution can be used to trick Intel processors to capture sensitive data being transferred from one component of a chip to another. Unlike Meltdown, which uses speculative execution to capture sensitive data in memory, MDS attacks focus on buffers between chip components, such as processor and its cache. The small portion of the memory is assigned to the processor to ensure frequent access.
Each variant of the attack can be used as a gateway to display raw data that traverse a processor’s cache before being rejected via the speculative execution process. With fast and successive execution, a hacker could collect enough random data to capture everything from passwords to keys used to decrypt disks.
“In essence, [MDS] puts a glass to the wall that separates security domains, allowing attackers to listen to the babbling of CPU components,” VUSec, one of the firms that discovered the flaws, said in a paper set to be presented next week and seen by Wired.
Those who found the attack included researchers from Austrian universities TU Graz, Vrije Universiteit Amsterdam, University of Michigan, University of Adelaide, KU Leuven in Belgium, Polytechnic Institute, Worcester, Saarland University in Germany and Cyberus, BitDefender, Qihoo360 and Oracle.
Intel when speaking with Wired said their researchers discovered the vulnerability last year and now have fixes available at the hardware and software level. The company said that it fixed vulnerability in several processors that was sent last month.
Intel researchers, however, disagree on the severity of the vulnerability. While Intel described the attack as “low to moderate,” researchers at the institutions said, “If really dig through that raw output to find the valuable information they sought.”
Microsoft has sent patches for Windows PCs. In a statement to Wired, a Microsoft spokesperson said, “We’re aware of this industry-wide issue and have been working closely with affected chip manufacturers to develop and test mitigations to protect our customers.”
Although patches will become available, their applications on PCs and servers affected by four variables will take some time. This raises the concern that millions of computers worldwide is accessing sensitive data before it is repaired.
Related Resources:
Important Features of Vulnerability Scanners
7 Useful Android Vulnerability Scanners
