• Home
  • Laptops
  • Laptops News
  • SWAPGS Speculative Execution Vulnerability for Intel CPUs Disclosed, Microsoft Releases Windows 10 Patch

SWAPGS Speculative Execution Vulnerability for Intel CPUs Disclosed, Microsoft Releases Windows 10 Patch

Intel CPUs have once again been found to be vulnerable to a speculative execution exploit

Share on Facebook Tweet Share Reddit Comment
SWAPGS Speculative Execution Vulnerability for Intel CPUs Disclosed, Microsoft Releases Windows 10 Patch
Highlights
  • The flaw was discovered a year ago and has just been publicly disclosed
  • Microsoft released a patch for the vulnerability in July
  • AMD says its CPUs are not affected by this specific flaw

Security vendor Bitdefender has disclosed details of a new speculative execution security vulnerability in Intel CPUs dating back to 2012, which could be used to steal sensitive information including passwords from a computer. The newly discovered issue, named SWAPGS, could also negate all the patches so far released for the infamous Spectre and Meltdown flaws. According to Bitdefender, the issue was first discovered over a year ago, and the company has been working with Intel and other ecosystem stakeholders in order to minimise its impact. Public disclosure was withheld till just now, at the ongoing Black Hat security conference, where Bitdefender has released a detailed whitepaper on its research.

The flaw follows the highly publicised Spectre and Meltdown speculative execution vulnerabilities, as well as other similar flaws that have been discovered since. All Intel CPUs starting with the Ivy Bridge generation, first released in 2012, are particularly affected by these issues due to the fundamental design of their architecture. AMD has released a statement saying that it believes its products are unaffected, though this has not yet been confirmed by third-party research.

Speculative execution refers to a CPU's way of speeding up operations by pre-emptively running instructions that might be needed in the future, in order to make sure that the CPU pipeline is not waiting for data and can successfully utilise all its resources simultaneously rather than waiting for one instruction to complete before its result can be applied to further calculations. Security flaws arise when the CPU is allowed to speculatively execute instructions that require secure data, which should only be accessed when sufficient privileges are granted. Attackers can craft instructions that intercept that data while it is being accessed in this manner.

The SWAPGS instruction is used by Intel CPUs when switching between the secure (kernel mode) and open (user mode). A sophisticated attacker could exploit the way that Windows issues instructions to intercept sensitive data that should have been in the privileged kernel memory space.

In a statement published by The Inquirer, Intel has stated: "Intel, along with industry partners, determined the issue was better addressed at the software level and connected the researchers to Microsoft. It takes the ecosystem working together to collectively keep products and data more secure, and this issue is being coordinated by Microsoft."

Microsoft released a security patch addressing this issue in July 2019 without publicising it, but has now published its own disclosure. This patch is recommended, since previous patches for Spectre and Meltdown, amongst other similar issues, will not protect against SWAPGS.

Red Hat has also published an advisory stating that it does not believe that SWAPGS can be exploited on operating systems based on the Linux kernel, but users can update and reboot their systems just in case.

Bitdefender has published a detailed whitepaper on the SWAPGS vulnerability, in which it states that the AMD CPUs it tested were not affected, and that it doesn't believe that other architectures including ARM will be vulnerable, though there is a possibility that other equivalent exploits might exist.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Jamshed Avari

Jamshed Avari has been working in tech journalism as a writer, editor and reviewer for over 13 years. He has reviewed hundreds of products ranging from smartphones and tablets to PC components and accessories, and has also written guides, feature articles, news and analyses. Going beyond simple ratings and specifications, he digs deep into how emerging products and services affect actual users, and what marks they leave on our cultural landscape. He's happiest when something new comes ...More

Twitter Spotted Testing a Way to 'Snooze' Push Notifications
Fossil Gen 5 Wear OS Smartwatch With Built-In Speaker, Extended Battery Life Launched
 
 

Advertisement

 

Advertisement

© Copyright Red Pixels Ventures Limited 2019. All rights reserved.