Swapgs attacks: new vulnerability suffered by modern cpus
Table of contents:
Recently, a variant of the Specter vulnerability (Variant 1) has been discovered. It takes advantage of speculative execution of processors by sending unexpected SWAPGS instructions to get sensitive data from the system.
The vulnerability is under the name CVE-2019-1125. The important point is that this could negatively affect both Intel and AMD processors .
SWAPGS attacks on Intel and possibly AMD processors
Using speculative executions, the vulnerability allows unprivileged local attackers to access privileged sensitive information. As they point out, attackers are able to access the kernel memory to obtain passwords, tokens, encryption keys and more.
Speculative execution is a key functionality in modern microprocessor design. Its basis is simple:
- The processor executes instructions based on possibly true assumptions. If the assumption is valid, the execution continues. If the assumption is not valid, the execution is discarded.
The impact of the attacks
All this was taken out of the security patch that Microsoft made on its Patch Tuesday in July 2019 . The security firm Bitdefender analyzed and exploded the update, thus revealing part of the problem.
In addition, the firm also notes that the new type of attack outweighs the countermeasures created to combat Specter and Meltdown . However, this can only be exploited locally, so it is not expected to be a global risk as EternalBlue was. On the other hand, it can be used to carry out 'surgical' attacks against specific users on a local network.
Here is an article and a video from Bitdefender briefly explaining the topic:
According to Intel itself , SWAPGS attacks break the KPTI ( Isolation Page-Table of the Kernel, in Spanish) present in modern processors.
SWAPGS statements are privileged system statements that change GS record values with MSR values . These instructions are only available on devices with x86-64 architectures .
In theory, Linux Operating Systems could also suffer attacks of this nature. However, researchers of the current SWAPGS attacks believe that Linux is a somewhat more secure platform.
In addition, AMD claims that its processors are safe since they do not rely on speculative execution. Not surprisingly, its components are still under study to see if they really are or not.
Companies are moving quickly to mitigate this vulnerability and we expect updates for systems like Windows or ChromeOS .
What do you think about the new vulnerability? Do you think it could mean another blow for Intel ? Share your ideas below.
The Hacker News FontTsmc details the impact suffered by the computer virus
According to TSMC, the degree of infection varied according to the manufacturer. This incident is expected to cause shipping delays and additional costs.
Bitcoin core releases patch for vulnerability to ddos attacks
Bitcoin Core releases a patch for vulnerability to DDoS attacks. Find out more about this new patch now available.
Ubisoft reveals that its servers have suffered a ddos attack
Ubisoft reveals that its servers have suffered a DDoS attack. Find out more about the attack that affects the French company.