13.11.2019., 10:48
|
#326
|
McG
Join date: Feb 2014
Location: Varaždin
Posts: 8,224
|
Quote:
A new speculative vulnerability called ZombieLoad 2, or TSX Asynchronous Abort, has been disclosed today that targets the Transactional Synchronization Extensions (TSX) feature in Intel processors. Using this vulnerability, local attackers or malware can steal sensitive data from the operating system kernel or other processes. Performance in modern CPUs is increased through speculative execution, a feature that runs instructions in advance of knowing if they are needed or not. If they are required, the task completes faster, otherwise the data is discarded. Attacks that target this feature are called speculative execution side-channel attacks. In May 2019, new speculative execution attacks called RIDL, Fallout, and ZombieLoad were disclosed that could allow a malicious program to steal sensitive data from memory locations that normally they could not access. While microcodes and software-based protections were released to mitigate these older vulnerabilities, it was disclosed today that a new version of the ZombieLoad attacks can bypass current defenses and even affect processors in the Intel Cascade Lake CPU family.
|
Quote:
Researchers discovered two new vulnerabilities known as TPM-FAIL in Intel firmware-based TPM (fTPM) and STMicroelectronics' TPM chips that could be used by hackers to steal their targets' cryptographic keys. TPM (short for Trusted Platform Module) is a chip used as a root of trust for a device's OS that can store highly sensitive data such as security keys, protecting them from malicious tools such as implanted rootkits or malware dropped by a threat actor. TPMs can also be firmware-based solutions (fTPM) that run on separate 32-bit microcontrollers inside a CPU, as is the case of Intel processors starting with the Haswell generation (2013). The two vulnerabilities allow hackers to circumvent this security shield and steal the data stored within a TPM. Once they have their hands on your signing keys, the attackers can forge digital signatures that can be used to tamper with the operating systems or to bypass authentication on the compromised machine.
|
Quote:
Intel has disclosed a whopping 77 vulnerabilities that range from processors to graphics and even ethernet controllers. 67 of these bugs have been discovered by Intel internally, while outside sources uncovered ten. Many of these vulnerabilities are minor, though some others will have a notable impact on Intel's products. More information about these vulnerabilities is available here, with the focus of this article being a specific vulnerability called "JCC Erratum". This vulnerability impacts most of Intel's recently released processors, including Coffee Lake, Amber Lake, Cascade Lake, Skylake, Whiskey Lake, Comet Lake and Kaby Lake. This bug relates to Intel's ICache/ Decodes Streaming buffer, though the issue can be addressed with firmware. However, Intel's mitigations document for Jump Conditional Code Erratum states that the mitigation/workaround will impact performance by 0-4% excluding outliers, which means that even higher performance downsides are possible in specific workloads. Phoronix is the first website to benchmark Intel's processors both with and without their JCC Erratum mitigations, finding notable performance hits in some software.
|
Source: BleepingComputer, OC3D and Phoronix
Last edited by The Exiled; 13.11.2019 at 20:03.