What to do if you’re affected by the Intel Foreshadow flaw

Life

16 August 2018

2018 might well be a year Intel would like to forget, especially where its processors are concerned. It has now revealed that millions of its chips have yet another flaw, which could potentially be used by malware to steal sensitive data.

Just like the Spectre and Meltdown ‘bugs’, this new one – dubbed Foreshadow – is similar in nature. Put simply, a hacker could create a program that exploits this vulnerability to read data that was previously thought to be secure in the CPU, even if the main system was compromised.

Ironically, the vulnerability is in Intel’s Software Guard Extensions (SGX) which is designed to protect code from being modified or disclosed.

The flaw is also known as the L1 Terminal Fault or L1TF for short because it’s in the level 1 cache that the data – from a different virtual processor core – can be read.

Watch Intel’s video above if you want to understand more about the technical details.

How can I protect my PC from Foreshadow?

Update your BIOS
Keep your PC or laptop up to date. That means installing the latest BIOS updates from your laptop manufacturer or – for a PC – from your motherboard manufacturer.

These typically include CPU microcode updates, and the good news is that updates are always available for the vast majority of affected chips. In fact, if you installed an update earlier this year after the Spectre and Meltdown scare, your system should be already protected from Foreshadow.

Update Windows
Microcode updates alone are not enough to protect you. The other thing to do is ensure Windows is up to date, since microcode updates work hand in hand with operating system updates to protect against malware which could exploit the Foreshadow flaw.

Run antivirus software
It’s also important to have up-to-date antivirus software on your PC or laptop, as this can help detect and stop malware before Windows or your processor’s security mechanisms have to get involved.

Which processors are affected by L1TF?
Those which support SGX. This means Intel Core processors (and Xeon chips, which aren’t in consumer PCs or laptops) from around 2016 onwards.

You can visit Intel’s website to check your particular processor to see if it supports SGX or not.

Have there been any attacks against Foreshadow?
No. Intel says it knows of no cases where the flaw has been exploited. So – technically – even if your BIOS and Windows aren’t up to date, the risk is low. That’s no reason not to update all your devices, though.

The main risk, according to Intel, is data centres where each server runs virtualisation software in order to run multiple operating systems on each one.

The L1TF flaw theoretically means that cloud storage services are most at risk, since they use many of the servers which could be affected. Intel is working with providers to address the problem, but we’d recommend (just as always) that you have multiple backups of any important files and don’t rely on one cloud service to store your only copy.

IDG News Service

Read More:


Back to Top ↑

TechCentral.ie