Last week, Intel disclosed another set of processor flaws that could let attackers steal information stored on computers or third party clouds. Discovered by a number of researchers and reported to Intel in January, the vulnerability includes three varieties: L1 Terminal Fault-SGX, L1 Terminal Fault-OS/SMM and L1 Terminal Fault-VMM. The company said in a blog post that when combined with updates released earlier this year, new updates being released today should protect most users from the vulnerability. “We are not aware of reports that any of these methods have been used in real-world exploits, but this further underscores the need for everyone to adhere to security best practices,” said Intel.
The company has dubbed this set of flaws L1TF, or L1 Terminal Fault. It said today that two of the varieties can be mitigated with the updates available now, but the third, which only affects a subset of users — such as certain data centers — might require additional steps to be taken.
The researchers that spotted the vulnerability have described an attack that takes advantage of it here. They’re calling it Foreshadow. L1TF affects Intel’s Software Guard Extensions (SGX) feature and the researchers said after the Meltdown and Spectre discoveries, looking at SGX was the next step. “When you look at what Spectre and Meltdown did not break, SGX was one of the few things left,” system security researcher Daniel Genkin, who contributed to the Foreshadow discovery, told Wired. “SGX was mostly spared by Spectre, so it was the logical next step.”
Following the Spectre and Meltdown debacle, Intel expanded its bug bounty program, opening it up to more security researchers and offering larger rewards.
You can see which Intel products are affected by the newly discovered vulnerabilities here.