THREAT HORIZON – FORESHADOW

 In Threat Horizon

The following was circulated to our NetSure360° managed service customers on Thursday 16th August 2018.

Priority: High

Executive Summary: Three new vulnerabilities have been released which affects Intel CPUs. These vulnerabilities all exploit the CPU design feature named ‘Speculative Execution’. This feature is found in all modern CPUs and is used to predict future computations in advance to help improve performance.

The vulnerability uses techniques that are very similar to the Meltdown attacks from six months ago, but specifically targets a lock box within Intel’s processors. This allows an attacker to obtain sensitive information.

The three vulnerabilities are:
Foreshadow
(CVE-2018-3615- L1 Terminal Fault – SGX)
Systems with microprocessors utilizing speculative execution and Intel software guard extensions (Intel SGX) may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis.

Foreshadow-NG
(CVE-2018-3620 – L1 Terminal Fault: OS/SMM)
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis.

(CVE-2018-3646 – L1 Terminal Fault: VMM)
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.

Affected Products:
The following list highlights all currently know affected Intel Platforms;
Intel® Core™ i3 processor (45nm and 32nm)
Intel® Core™ i5 processor (45nm and 32nm)
Intel® Core™ i7 processor (45nm and 32nm)
Intel® Core™ M processor family (45nm and 32nm)
2nd generation Intel® Core™ processors
3rd generation Intel® Core™ processors
4th generation Intel® Core™ processors
5th generation Intel® Core™ processors
6th generation Intel® Core™ processors
7th generation Intel® Core™ processors
8th generation Intel® Core™ processors
Intel® Core™ X-series Processor Family for Intel® X99 platforms
Intel® Core™ X-series Processor Family for Intel® X299 platforms
Intel® Xeon® processor 3400 series
Intel® Xeon® processor 3600 series
Intel® Xeon® processor 5500 series
Intel® Xeon® processor 5600 series
Intel® Xeon® processor 6500 series
Intel® Xeon® processor 7500 series
Intel® Xeon® Processor E3 Family
Intel® Xeon® Processor E3 v2 Family
Intel® Xeon® Processor E3 v3 Family
Intel® Xeon® Processor E3 v4 Family
Intel® Xeon® Processor E3 v5 Family
Intel® Xeon® Processor E3 v6 Family
Intel® Xeon® Processor E5 Family
Intel® Xeon® Processor E5 v2 Family
Intel® Xeon® Processor E5 v3 Family
Intel® Xeon® Processor E5 v4 Family
Intel® Xeon® Processor E7 Family
Intel® Xeon® Processor E7 v2 Family
Intel® Xeon® Processor E7 v3 Family
Intel® Xeon® Processor E7 v4 Family
Intel® Xeon® Processor Scalable Family
Intel® Xeon® Processor D (1500, 2100)

This list may be subject to further additions and therefore it is recommended to check the Intel Website [1] periodically for further updates.

Detect: For ITC customers that have subscribed to our MVIS service, a report can be produced to identify assets that contain this vulnerability.

Prevent: Intel have highlighted that applying Intel Microcode updates and OS patches for CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646 should mitigate L1TF/Foreshadow attacks in full.

React: Apply vendor provided patches and ensure latest security updates are up to standard.

Sources:
[1] https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00161.html
[2] https://www.wired.com/story/foreshadow-intel-secure-enclave-vulnerability/
[3] https://www.bbc.co.uk/news/technology-45191697
[4] https://software.intel.com/security-software-guidance/software-guidance/l1-terminal-fault

Author: Sophia Casimir

Recent Posts

Leave a Comment

Tel:
+44 (0) 20 7517 3900

 

Contact ITC Secure

If you have a question, request, comment or requirement, please send us an email now and we will get back to you by return