Intel Reveals New “Foreshadow” Security Flaw


A new Intel security flaw has been exposed – named ‘Foreshadow,’ the flaw is similar to Meltdown and Spectre, in that it undermines the most secure element of the company’s chips. Intel admits that the Foreshadow bugs can be used to launch ‘speculative execution’ attacks – exploiting how Intel chooses to run parts of computer programs before a user selects them – to extract sensitive data from PCs or third-party clouds.

“The design flaw in Intel chips has left Windows and Linux systems vulnerable. Any device or services connected to the chips is essentially left at risk – especially after the latest flaw that was revealed – Foreshadow. The main focus is working in real time to identify the issues and look at what needs to be patched. Performance impacts will be seen across the industry. Systems that utilize software-defined storage via a mid-layer filesystem will likely experience the most impact. Many software-defined storage solutions, which use a mid-layer filesystem will likely have a much larger performance impact as a result of these fixes. After the patches and fixes roll out, we will be able to see the true extent of the impact,” said Jeff Ready, CEO of Scale ComputingOpens a new window .

Through Foreshadow, a determined attacker can get into a secure area, and attack using malware disguised as a regular application. The Foreshadow bugs can create malicious applications that recognize data from other apps or a computer’s OS memory, or create a guest virtual machine (VM), which can recognize data from the VM memory or other guests VMs.

“With the proliferation of devices and given the sheer effort required to update the 100s of millions of devices – whether they are personal devices or time-shared cloud systems, the impact of these variants is massive. The widespread nature of the impact of the vulnerabilities behind Spectre and Meltdown have multiple security holes, including the latest flaw – Foreshadow. Unlike application security vulnerabilities where the remediation/mitigation is increasingly ‘centralized’ with cloud-based, multi-tenant systems, the same cannot be said about chip vulnerabilities. It’s getting to be a zero-sum game, as infosecurity teams are dealing with an increasing variety of security issues… the more they protect, the more there is to protect. There is a revolution waiting to happen in the way security teams will respond to the increasing variety and volume of security challenges – and it’s going to be based in automation, data science and shifting from ‘what we need to protect’ to ‘who we need to protect,’” said Setu Kulkarni, VP of corporate strategy at WhiteHat SecurityOpens a new window .

Given the severity of the hack, Intel is working to patch things quickly and thoughly. Through the search of what went wrong, the company has discovered that even more processor systems are now suceptible to not just Foreshadow attacks, but similar attacks as well.

“The universal backward compatibility for the internet may also be subject to future change. Just as old versions of TLS and SSL can never be secure again, Foreshadow’s use of speculative execution has the potential capacity to break down the barriers between virtual machines – which may also impact cloud service providers and eHosting. The demand for speed of web page loading may yet prove our undoing, and the web may see an adjustment of expectations in the name of security rather than expedience,” Kulkarni continued.