Senin, 05 November 2018

PortSmash vulnerability hits Intel CPUs

Some of Intel's most popular chips have been hit by a major security flaw, researchers have claimed.

This vulnerability, named PortSmash, has been discovered by a team of academics from Tampere University of Technology in Finland and Technical University of Havana Cuba.

PortSmash is impacting some of Intel's most well-known processors, including the Kaby Lake and Skylake units found in many laptops on the market today, and could potentially allow attackers to leak encrypted data from the CPU’s internal processes.

Intel CPU threat

Specifically, PortSmash targets a flaw in Intel's hyperthreading technology, which cuts down on the time needed for a device to carry out high-end computing tasks.

The researchers where able to exploit a leak in the hyperthreading system to access secure private keys from servers running Skylake and Kaby Lake processors by tracking specific computing processes in order to deduce the key.

The flaw affects both servers and PCs, the researchers said, although the former is more at risk, which could prove dangerous for cloud providers who offer infrastructure-as-a-service (IaaS) platforms, as servers, storage and networking hardware could be targeted in a single shot.

Intel has responded to the report, noting that it expects that the threat it "is not unique" to its platforms alone. 

"Protecting our customers’ data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners and researchers to understand and mitigate any vulnerabilities that are identified," the company added.


Via: ArsTechnica


November 05, 2018 at 07:25PM
Mike Moore

Tidak ada komentar:

Posting Komentar