Pcmag.com: Spectre, Meltdown Patches Won’t Fix New ‘SwapGS’ Intel Flaw

The SwapGS chip-level vulnerability is serious, according to Bitdefender, but unless you’re a CEO, head of state, or some other prominent target, you’re probably safe from harm.

LAS VEGAS—A new chip-level vulnerability that affects all current Intel processors, dubbed SwapGS, gives attackers “a method to access all information in the operating system kernel memory,” security giant Bitdefender revealed here at Black Hat. That’s serious. No process should have that level of access to memory.

This discovery comes after Meltdown broke hardware-enforced security boundaries by exploiting technologies used to make CPUs process instructions faster. Microsoft issued Windows patches to prevent malicious activity that exploited that vulnerability, but since the problem was at the chip level, full protection required action by Intel. Another flaw in CPU chips known as Spectre used similar techniques to gain access to data that should be totally secure.

Speculative Execution

All of these attacks make use of a technology called speculative execution. Effectively, the CPU guesses that execution is going to proceed down one of two branches, so it executes that branch in a kind of trial mode. If in fact the other branch is appropriate, it discards the results of the trial. A technician running the program in a debugger can’t see the speculative execution, but it leaves traces in CPU caches.

When this technology works, it speeds the CPU’s processing, but its implementation has led to these security problems.

“Criminals with knowledge of these attacks would have the power to uncover the most vital, best protected information of both companies and private individuals around the world, and the corresponding power to steal, blackmail, sabotage, and spy,” said Gavin Hill, VP of Datacenter and Network Security Products at Bitdefender.
