Bugs Found In New In Intel Processors That Are Vulnerable To Hack

Millions and millions of electronic devices have a processor manufactured by Intel. Last year it was known that the vast majority of those marketed in the last decade by the brand is vulnerable to attacks, but not all the weaknesses came to light at that time.

This week the multinational has warned that it detected, in collaboration with different independent research groups, a new security breach that exposed sensitive data such as keys, user names or browsing history on desktop computers, laptops and cloud services (without specifying the number of affected customers).

Intel says it has no evidence that attacks have occurred and that it has already started corrective measures. Experts consulted by this newspaper believe that it is a failure as serious as those detected in 2018 and do not rule out that in the future there will be new ones.

The new security breach was revealed last Tuesday. The company itself did so on its corporate website as researchers belonging to different universities and technology companies through another page. The company states that the vulnerability was discovered internally and later also notified by external computer scientists. The latter claim that they worked in unrelated teams and that they reported the findings to the company.

The problem reveals data contained in the memory of the microprocessor that should not be accessible, according to José Rosell, managing partner of the security group S2. If the user were handling sensitive information such as a confidential document or a password at the time of an attack, it could be available to hackers, the expert added.

The devices considered vulnerable before Intel began to correct the failures are computers and services in the cloud currently in the market. The multinational says it does not have the number of equipment affected.

Cristiano researcher of the VU Sec group at VU Amsterdam University, says that his team detected the problem in all processor models marketed since 2008. Another group analyzed failures in equipment installed since 2011. “Millions of devices,” according to Giuffrida.

The gap is technical of the same type as that detected in January 2018 (divided into two parts, called Meltdown and Specter ), the consulted sources agree. It also made a large number of devices vulnerable ( including mobiles and tablets ) and also involved the processors of other companies. In August of last year, another vulnerability of the Intel processors, called Foreshadow, was announced.

Intel says that the new breach has a degree of danger between low and medium, is technically sophisticated and its exploitation in a real environment is “extremely complex.” The company maintains that it has already applied security measures for the eighth and ninth generation single-use processors (marketed as of 2017), and for the cloud service products released this year. He also explained that he has disseminated the patches so that the digital community can protect the exposed environments.

Companies like Google, Apple, Microsoft, Amazon and Mozilla have communicated in turn that they are acting to defend their own customers, according to TechCrunch. Intel recommends that everyone keep systems updated. “It’s one of the best ways to stay protected,” company sources explain by email. “When automatic updates on the computer or another device, do not delay,” advises José Rosell.

Giuffrida does not agree with Intel on the assessment of the seriousness of the ruling. In his opinion, taking advantage of this vulnerability is more complex than in the case of those detected in 2018, but it is possible without being a first level hacker. “We already have implemented attacks capable of reaching the most sensitive data of our computers.

They have been developed in 10 days a team of four doctoral students, “he says. In addition, he believes that Intel is not giving clear protection instructions. “This will create a fragmented situation, where each will apply a different defense strategy according to the system. In this context making an effective safety analysis will be very complicated and that will make things worse, “he says.

The researcher adds that there is also a problem related to the performance of processors, specifically with respect to a technology developed by Intel and called Hyper-Threading, present in the vast majority of them and able to improve their performance without significantly increasing costs. Giuffrida explains that it is necessary to disable this functionality because “it does not guarantee security against attacks and keeping it protected through some software is” very complex if not impossible “. In his opinion, “this failure is the first to demonstrate” the problem that this technology can pose “. Also remember that some companies, like Google in the case of its operating system Chrome OS, has decided to deactivate it.

For its part, Intel discourages doing so and ensures that in computers for individual users the loss of performance after the application of corrective patches of the failure will not exceed 3%. In the case of cloud services, and with active Hyper-Threading, this decrease in performance could reach 10 %, he adds.

Giuffrida believes that the vulnerabilities detected in Intel processors since 2018 are due to the fact that academic attention for security flaws has progressively moved from software failures to the hardware part of the devices, particularly in the last three years.

“The situation is much worse than we expected. You can create attacks on hardware systems with too little effort. Companies are beginning to take the problem seriously, but we believe they should act much more forcefully, “he says.

The academic believes that the attack revealed this week shows that Intel did not take sufficient action after discovering the vulnerabilities of last year since the new ones “are very close to the previous ones”. This, in his opinion, is due to two possibilities.

One is that neither companies nor researchers have an effective response to these problems. The second, he says, “is even worse, because it would mean that Intel is aware of the seriousness of the problem but does not show things as they are to the public to protect their interests.”

In any case, he concludes, his feeling is that the failures already revealed only represent “the tip of the iceberg” with respect to what remains to come. Intel says that it is expected that in the new processors the vulnerability is no longer present.

José Rosell from S2 is less pessimistic than Giuffrida. “Almost every day new vulnerabilities jump. And there are some of them that are more impressive than this for the common user, “he says, recalling the one that affected Whatsapp last Monday.

In his opinion, the fact that Intel has brought to light the problem he detected is “a good practice”, because it allows technology companies and security groups to patch the gaps and prevent more serious damage.―All Times Tech