Shulou(Shulou.com)05/31 Report--

Computer scientists at Kuruven University have once again discovered a security flaw in Intel processors. Jo Bulck, Frank Piessens and their colleagues in Austria, the United States and Australia gave manufacturers a year to solve the problem.

In the past few years, Intel has had to release a large number of bug patches, and computer scientists at KU Leuven University have helped expose these bug, including Plundervolt, Zombieload and volt. "so far, all the measures Intel has taken to improve the security of its processors are necessary, but they are not enough to defend against our new attacks," said Jo Van Bulck of the computer science department at Kuruwen University.

As with previous attacks, the new technology, called add-on injection, is aimed at the "vault" of the Singapore Stock Exchange's computer system equipped with Intel processors: enclaves.

"to some extent, this attack continues what we predicted in 2018. A particularly dangerous version of this attack exploits a vulnerability in the SGX enclave where the victim's password, medical information or other sensitive information is leaked to the attacker." Load injection uses the same vulnerability, but in the opposite direction, the attacker's data is secretly "injected" into software programs running on the victim's computer. Once this is done, the attacker can take over the entire program and obtain sensitive information, such as the victim's fingerprint or password.'

The vulnerability was discovered on April 4, 2019. Nevertheless, researchers and Intel agreed to keep it a secret for nearly a year. As far as network security is concerned, a ban on responsible disclosure is not uncommon, although it is usually lifted in a short period of time. " We hope to give Intel enough time to solve this problem. In some scenarios, the vulnerabilities we exposed are dangerous and difficult to deal with, because this time, the problem involves not only hardware: solutions, but also software. Therefore, it is not enough to solve previous defects and other hardware updates. That's why we have a very long embargo with manufacturers. "

Finally, Intel took a wide range of measures to force developers of SGX enclave software to update their applications. However, Intel informed them in time. Don't worry: they just need to install the recommended updates.'

"however, our findings show that the measures taken by Intel have reduced the running speed of SGX enclave software by 2 to 19 times."

What is the SGX enclave?

Computer systems are made up of different layers, which makes them very complex. Each layer also contains millions of lines of computer code. Because this code is still written by hand, the risk of error is high. If such an error occurs, the whole computer system is vulnerable to attack. You can compare it to a skyscraper: if one floor is damaged, the whole building may collapse.

Viruses use these errors to obtain sensitive or personal information on computers, from holiday photos and passwords to trade secrets. To protect its processors from such intrusions, Intel launched an innovative technology called Intel Software Protection extension (Intel SGX) in 2015. This technology creates an isolated environment called enclave in computer memory, where data and programs can be used safely.

Researcher Joe Van Burke explained, "if you think of a computer system as a skyscraper, then these enclaves form a vault." Even if the building collapses, the vault should protect its secrets, including passwords or medical data.'

The technology seemed impeccable until in August 2018, researchers at Kuluven University discovered a loophole. Their attack is called foreshadowing. In 2019, the Predator attack exposed another weakness. Intel has released an update to address these two issues.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.