For a pretty long time everyone thought that only Software and Firmware can sport security vulnerabilities – and that you can fix them easily by simply applying patches. No big deal, right? That changed quickly though: When Spectre and Meltdown showed up, the danger was all of a sudden in the CPU.
By now everyone knows that Spectre (and basically all Spectre-like attacks) takes advantage of a CPU feature called speculative execution. This is a feature that should help to speed up performances by using idle processor resources to do some work before it is known whether it is needed or not. The latest 3 iterations of the well-known vulnerability were presented during the Usenix conference last week: Forshadow and Foreshadow-NG.
Foreshadow reads the SCX data
According to the researchers Foreshadow is an attack which allows the criminals to steal sensitive information stored inside normal PCs or third party clouds. The initial attack – Foreshadow – was designed to extract data from Software Guards Extensions. SGX is an Intel chip feature that creates little secure enclaves on the chip that make sure that the code inside cannot be read or tempered with.
The other two bugs are called Foreshadow NG and affect Virtual Machines (VMs), hypervisors (VMM), the operating system (OS) kernel memory, and the System Management Mode (SMM) memory.
This is not so great, especially since everyone thought that SGX would be safe from Spectre and Meltdown.
There is good news
Now if you are worried don’t be. There is actually good news. The security flaw was already discovered back in January 2018 – more than half a year ago. During this time the researchers and Intel have worked on understanding and fixing the flaw. Thanks to those efforts you can now download the Windows Update that fixes the issue. Updated systems should not be attackable by Foreshadow anymore and even better: The fix does not slow down your system.