TAA security vulnerabilities were detected in Cascade Lake processors

November 14, 2019

The new units were supposed to be free from defects. The reality turned out to be different. What is more, researchers are disappointed with the collaboration with Intel and its approach to security vulnerabilities.

Intel has been dealing with security vulnerabilities in its processors for two years. The solution was supposed to be the new, redesigned Cascade Lake units, but … researchers have found another vulnerability in them as well.

A new security vulnerability has been identified in Intel processors

Researchers from the Free University of Amsterdam (VUSec team), the Catholic University of Leuven in Belgium, the German Information Security Center Helmholtz and the Technical University of Graz in Austria have discovered the Transactional Asynchronous Abort (TAA) vulnerability. It is in fact a new variant of the MDS (Microarchitectural Data Sampling) attack, which exploits flaws in the speculative execution mechanism (i.e. predicting what the processor will need for calculations). This time, it also affects new processors from the Cascade Lake family.

The vulnerability could allow confidential information stored in the processor to be read, but the hacker must gain physical access to the computer here. An attack can be carried out in a variety of scenarios, from an infected website to a virtual machine attacking another machine on the same server.

Intel knew about the vulnerability but did not secure it

According to Wired, the researchers informed the manufacturer about new MDS vulnerabilities as early as September last year, and some of them were patched in May this year. The problem is that not all of the holes were closed. Kaveh Razavi of the VUSec group at the Free University claims that the manufacturer passed over the most dangerous variant of the attack, so the protections that were introduced proved ineffective.

At Intel's request, information about the unpatched vulnerability was not disclosed. The attack could have been exploited by hackers, so the researchers agreed to hold off until another security patch was published.

Intel reportedly underestimated the vulnerability, thinking that it could take several days to carry out the attack. Researchers have proven that this is a much faster process: in a demonstration video, disclosing the administrator password took … just 30 seconds.

TAA vulnerability still not secured?

Recently, Intel prepared another microcode update. However, scientists are not entirely sure whether this update addresses all of the detected issues. For example, the VUSec team claims that it protects equipment against some attacks, but not in all possible scenarios.

To some extent, this is also confirmed by the manufacturer itself in a post on its blog: we read that the update significantly reduces the possibility of an attack, but that in specific situations one can still be carried out. The vulnerability is to be fully fixed in subsequent microcode updates.

Researchers are not happy with working with Intel

An improvement in cooperation with scientists was also announced. VUSec, however, is skeptical about this declaration. Researchers are disappointed with the collaboration with Intel and its approach to security vulnerabilities. What is more, the manufacturer reportedly once again urged them to delay the disclosure of details. This time they refused.

Source: Wired, TechCrunch, Intel