Level 12
Intel announced that three new serious vulnerabilities have been discovered for their processors, allowing unauthorized access to data in the L1 cache. The vulnerabilities are named L1 Terminal Fault, or L1TF.

L1TF vulnerabilities are made public in an announcement they also put up a page about the measures that have been taken about the new side channel attacks in a white paper about L1TF . The vulnerabilities effects both consumer processors and in Xeon server processors. They can be exploited by malware and malicious virtual machines to potentially steal secret information from computer memory, reports the register:

These secrets can include passwords, personal and financial records, and encryption keys. They can be potentially lifted from other applications and other customers' virtual machines, as well as SGX enclaves, and System Management Mode (SMM) memory. SGX is Intel's technology that is supposed to protect these secrets from snooping code. SMM is your computer's hidden janitor that has total control over the hardware, and total access to its data.

Across the board, Intel's desktop, workstation, and server CPUs are vulnerable. Crucially, they do not work as documented: where their technical manuals say memory can be marked off limits, it simply is not. This means malicious software on a vulnerable machine, and guest virtual machines on a cloud platform can potentially lift sensitive data from other software and other customers' virtual machines.

It is the clearest example yet that, over time, Chipzilla's management traded security for speed: their processors execute software at a screaming rate, with memory protection mechanisms a mere afterthought. In the pursuit of ever-increasing performance, defenses to protect people's data became optional.

Redesigned Intel processors without these speculative execution design blunders are expected to start shipping later this year. Mitigations in the form of operating system patches, and hypervisor fixes, should be arriving any time now, and should be installed if you're worried about malware or malicious virtual machines slurping data. Keep your eyes peeled for these. Some of these software mitigations require Intel's Q2 2018 microcode update to be installed.

Here are the three cockups, which Intel has dubbed its L1 Terminal Fault (L1TF) bugs because they involve extracting secret information from the CPU level-one data cache:
  • CVE-2018-3615: This affects Software Guard Extensions (SGX), and was discovered by various academics who will reveal their findings this week at the Usenix Security Symposium. According to Intel, "systems with microprocessors utilizing speculative execution and software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via side-channel analysis." This vulnerability was named Foreshadow by the team who uncovered it. This will require the microcode update to fix.
  • CVE-2018-3620: This affects operating systems and SMM. According to Intel, "systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and side-channel analysis." Operating system kernels will need patching, and the SMM requires the microcode update, to be protected.
  • CVE-2018-3646: This affects hypervisors and virtual machines. According to Intel, "systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and side-channel analysis." This will require the microcode, operating system, and hypervisor updates to protect data.
The operating system and hypervisor-level flaws – CVE-2018-3620 and CVE-2018-3646 – were discovered by Intel's engineers after they were tipped off about CVE-2018-3615, the SGX issue, by the university researchers. The impact of these vulnerabilities, according to Chipzilla.
Last edited by a moderator:


Level 40
Intel is toast.

Psst: Amazon, Google, Microsoft are building next-gen ARM clusters for their cloud service hosts. Also, ARM is aware of Intel's tribulations, not just AMD being aware, and ARM is pushing forward with their next-gen Intel-Killing chips for mobile devices.

I'd be selling Intel stock about now. If I was Israel, I'd find a replacement for the 22%ish part of their economy Intel helps drive.

ARM says its next processors will outperform Intel laptop chips

Not to mention - for the first time server guys I know - are 'discussing' AMD on the next upgrade cycle - which is really soon. SBS2011 2008R2 have a year or so left before it's time to consider options. Even a 3-5% loss of Datacenter shares with Intel will be absolutely devastating as a significant portion of their business model is built around those predictors.

AMD Set to Crack Intel’s Lock on Data Centers


Level 7
If I understood what they said, a new microcode update is needed; thinking about what happened with Spectre, I don't expect this thing patched wild before begin of 2019 into consumer market, and I doubt people are even aware of it, as media are not talking much, maybe too early? :whistle:


Level 40
I don't use Win10 laptops. Only Linux and ChromeOS. So that wouldn't matter. I already use only ARM laptops for security purposes, but the performance is always slightly less than Intel. But that performance bridge should be crossed with the next gen arms.
Reactions: Sunshine-boy
Intel always have lots of surprises. And this one, is really a surprising thing to everyone. Not just one, not two but three new serious vulnerabilities. Well, I hope that they will took an action about this alarming situation for these vulnerabilities can potentially steal secret information from computer memory.
Reactions: ZeroDay


Level 40
Intel can screw off. I lied, I found another Intel chip on my network this week I hate forgotten about. The atrocious Puma7 in my Cable Modem. ATROCIOUS exploit and vulnerability filled, overheating, packetness, low SNR and noise prone Puma Intel trash chips.

I replaced it last night with something much better, and burned the Intel to the ground.

Reactions: upnorth