NOTICE: Unpatched Intel systems vulnerable to Foreshadow attack
Thursday, August 16, 2018
Intel has disclosed a flaw in its Core chips that leaves them vulnerable to new Foreshadow attacks (also called L1 Terminal Fault or L1TF). Foreshadow, like the previously disclosed Meltdown and Spectre vulnerabilities, is a speculative execution flaw that could allow an attacker to steal sensitive information stored inside personal computers or third-party clouds. While this flaw may not be a big deal in most environments, there may be additional concerns in virtualization environments that rely on the security boundary provided by separate virtual machines.
Patches released by Intel in May and revised in June to further address Meltdown and Spectre (INTEL-SA-00115) also mitigate Foreshadow. If you routinely update your systems when new patches and updates are available, your systems should already be protected.
According to Intel, "End users and systems administrators should check with their system manufacturers and system software vendors and apply any available updates as soon as practical."
Foreshadow was independently and concurrently discovered by two teams, one of which included Thomas F. Wenisch, a U-M assistant professor in Electrical Engineering and Computer Science.
References
- Foreshadow: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution
- Foreshadow attacks Intel CPUs with Spectre-like tactics (but you're probably safe) (PC World, 8/15/18)
- Spectre-Like Flaw Undermines Intel Processors' Most Secure Element (Wired, 8/14/18)
- 'Foreshadow' attack affects Intel chips (BBC News, 8/15/18)
- L1TF - L1 Terminal Fault Attack - CVE-2018-3620 & CVE-2018-3646 (Red Hat, 8/14/18)
- Q3 2018 Speculative Execution Side Channel Update (Intel, 8/14/18)