The new Specter vulnerability appears to be a new variant that easily 'crashes' secure partitions created by Intel SGX
Researchers from the Ohio State University have discovered a new dangerous variant of the Specter vulnerability called SgxPectre with the ability to exploit information from safe partitions created by Intel SGX.
Two Specter and Meltdown security vulnerabilities appeared in early 2018, negatively affecting the entire launch process from 1995 to the present. Soon, Intel's new processors were equipped with Software Protection Utility (SGX) to deal with these two security holes.
SGX creates secure partitions for operating software. They are created based on specific needs and own separate memory completely separate from other system software such as operating system or Hypervisor (software responsible for running multiple virtual machines on the same system) to avoid hackers taking advantage of Specter / Meltdown to exploit information on user computers.
But it seems that the hardware-safe partitions created by SGX cannot prevent SgxPectre. It takes advantage of predicting SGX's own actions to steal protected information.
Intel's representative said that shortly after receiving the Ohio University report, the company announced it would release an update package of software development tools for SGX application developers - expected to launch. on March 16 to solve Specter, Meltdown as well as other variants.
At the same time, Intel also recommends that users should use the latest updates of this toolkit.
See more:
- Microsoft and Intel cooperated to provide microcode updates for the CPU via Windows updates
- Bkav released a free detection tool for Meltdown and Specter
- How to block Specter Variant 2 Patch on Windows 10
You should read it
- Intel will stop releasing patches for the Specter v2 security hole on some older CPUs
- How to block Specter Variant 2 Patch on Windows 10
- Microsoft released an emergency patch for Windows, turned off the Specter patch, causing a drop in system performance
- Instructions for checking the Specter vulnerability for the browser with Tencent's tool
- Origin of the name and logo of Meltdown and Specter - Melting and Ghosts
- How to protect your computer against Meltdown and Specter security errors
- Intel will fix Meltdown and Specter over 90% of new products within 1 week
- Bkav released a free detection tool for Meltdown and Specter
- How to know if your Windows computer is affected by Meltdown and Specter?
- This is a way to protect Linux Mint from Meltdown and Specter
- Intel: After installing Specter / Meltdown vulnerability patch your computer will slow down to 10%
- Overview of vulnerabilities on Intel, AMD, ARM chips: Meltdown and Specter