New Intel CPU Vulnerability Found What You Need To Know

New Intel CPU Vulnerability Found: What You Need To Know

Contents

A new cyberthreat known as Load Value Injection targets vulnerabilities in Intel CPU hardware. Here’s what that means and what you need to know.

You Are Reading :[thien_display_title]

New Intel CPU Vulnerability Found What You Need To Know

A team of researchers recently discovered the potential for a new class of attack designed to target flaws in Intel CPUs. This new cyberthreat, called a Load Value Injection, is based on two types of existing cyberattacks, Meltdown and Spectre.

These attacks take advantage of a flaw in modern CPU’s usage of speculative execution, a technique all modern CPUs use to prepare the system by computing data that may be accessed in the near future, and targeting data while it’s in a “transient” state where data goes from speculative to active. Intel released several firmware updates to defend its systems, but hardware fixes will have to be applied in future generations.

An LVI attack will involve an attacker injecting code into the CPU and forcing the system to execute it as if it were in that transient state, granting attackers more control. Two research teams, one composed of researchers from universities around the world, and the other made up of vulnerability specialists from Bitdefender, proved that an attack like this could wreak havoc on multi-user networks. “One less-less privileged tenant would be able to leak sensitive information from a more privileged user or from a different virtualized environment on top of the hypervisor,” researchers told ZDNet.

See also  Star Trek 5 Reasons Why TNG Is The Best SpinOff (And 5 Why Its DS9)

Intel Unprepared for LVI Attacks

When researchers first discussed Meltdown in 2018, Intel responded by rolling out a series of software updates along with hardware fixes for the Spectre attacks. These recent tests showed the ability for parties to get around Intel’s protections by using weaknesses Intel didn’t fix, due to doubts that a more substantial change would be required. While these existing fixes helped with fending off Meltdown-type attacks, researchers found that LVI attacks could circumvent them. While only Intel CPUs have been found to be vulnerable, other non-Intel processors have shown similar weaknesses. “If Meltdown works, LVI works as well,” Assistant professor at the Graz University of Technology, Daniel Gruss said.

However, LVIs remain theoretical because they currently require local access to be feasible, similar to the string of cyberattacks that threatened several major American cities. Hypothetically, they could be transmitted remotely through malicious sites by using Javascript, but the number of requirements necessary for the attack to work makes it improbable. Regardless, the possibility of these attacks opens up a discussion about the design of current CPUs. The necessity for a change becomes more apparent as researchers uncover more flaws. Intel and other manufacturers can continue to patch their machines, but until a fundamental shift in the way they work is made, users and their data will remain exposed to these cyberthreats.

Link Source : https://screenrant.com/new-intel-cpu-vulnerability/

Movies -