Is your PC safe? Foreshadow is the security flaw Intel should have predicted

If you thought Spectre and Meltdown were going to be the only industry-shaking security flaws to affect nearly every computer, think again. Intel recently revealed three new issues related to its Core and Xeon processors, collectively dubbed “Foreshadow” by the researchers who discovered the exploits.

Unfortunately for Intel and all of us, Foreshadow doesn’t exactly inspire confidence in the computers we rely on every day. Here’s everything you need to know about the new security flaw.

Meet Foreshadow

Like with Spectre and Meltdown, Foreshadow was first discovered by multiple independent teams outside Intel, in this case as a collaboration between researchers from a few universities.

(in)Secure, a weekly column, follows the trends, and screw-ups, you need to know about. We’ll touch on topics ranging from the laws behind cyber security, to the latest major breaches, to new methods that can help keep your data safe or, at least, minimize the damage.

But the origin story is not where the similarities to the previous security flaws stop. The vulnerabilities revealed in Foreshadow are similar to Meltdown and Spectre in that they take advantage of flaws in the way processors temporarily store data in memory.

In an interview with the BBC, one of the researchers behind the discovery described the attack as targeting a “lock box within Intel’s processors,” which could then leak out any kind of data you wanted.

The “lock box” Wenisch is referring to is known as the Software Guard Extensions (Intel SGX), and this attack method only works on Intel processors with the special feature. Intel SGX is essentially a set of instructions built into Intel’s chips that enable developers to create private regions, aka enclaves, in memory, for applications such as secure web browsing and digital rights management for streaming video.

This alone was already a dangerous vulnerability waiting to be exploited — but unfortunately, it was only the first of three methods of attack. Upon further investigation, Intel discovered two other related problems, which researchers have named “Foreshadow-NG” (aka next generation).

Foreshadow, the Next Generation

These two vulnerabilities are still based on a processor core’s L1 cache, which is where an individual core of the processor stores the information it will need next. But these newly-discovered issues affect memory uses other than just Intel’s SGX technology.

The first vulnerability in the Foreshadow-NG group can grab data from memory used by the core of an operating system, aka the kernel. This core has access to all data stored in memory, including every app and program installed on the machine. The good news here is that a hacker must have access to your PC and use a malicious program to actually steal that data.

This vulnerability also enables access to data used by the System Management Mode (SMM) installed in all modern processors. This mode is used by the PC’s firmware to control the hardware, manage power, and so on. Again, to steal this data, a hacker must have access to your PC with guest privileges to run malicious software.

The second Foreshadow-NG vulnerability can be used to attack virtual machines. These aren’t real PCs, but rather software-emulated PCs running in memory on a datacenter server. Virtual machines are typically managed by a hypervisor so that data doesn’t leak between these virtual PC instances.

But according to the researchers, a malicious virtual machine could break through those boundaries. “A malicious virtual machine running inside the cloud can potentially read data belonging to other virtual machines as well as data belonging to the cloud’s hypervisor,” the researchers claim.

Who’s affected by Foreshadow?

The original Foreshadow vulnerability pertains only to SGX-enabled Intel processors. These include all sixth- and seventh-generation Core processors but exclude Atom processors that support SGX. Processors manufactured by AMD are not affected, nor are chips based on ARM’s processor core design (Tegra, Snapdragon, Exynos, etc.).

Foreshadow-NG is a different story. As of now, chips based on ARM’s architecture and x86-based CPUs from AMD are still under investigation. Intel has published a very long list of its processors that fall prey to Foreshadow-NG. It essentially covers second- to eighth-generation Intel Core processors, X-Series chips for the X99 and X299 platforms, Xeon processors spanning from the 32400 Series to the Xeon Processor Scalable Family, and so on.

Intel was quick to report that microcode updates were already issued earlier this year to protect customers against possible attacks. These updates built a foundation for the current mitigations introduced on Tuesday by operating system providers, hypervisor software developers and the open source community.

Changes will also be made on a hardware level in Intel’s next-generation “Cascade Lake” Xeon Scalable processors and “client processors” launching by the end of 2018.

“We are not aware of reports that any of these methods have been used in real-world exploits, but this further underscores the need for everyone to adhere to security best practices,” Intel says. “This includes keeping systems up-to-date and taking steps to prevent malware.”
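Added example, not from the original article or from Intel: on Linux, the kernel reports the state of these mitigations in a sysfs file under Intel's name for Foreshadow, L1 Terminal Fault (L1TF), and this Python script splits that line into host, hypervisor and hyper-threading findings. The sample lines are constructed in the kernel's format, and the function names are this example's own.

```python
from pathlib import Path

# Linux reports Foreshadow under Intel's name for it, L1 Terminal Fault (L1TF).
SYSFS_L1TF = Path("/sys/devices/system/cpu/vulnerabilities/l1tf")

# Constructed sample lines in the kernel's format, used when the file is absent.
SAMPLES = [
    "Not affected",
    "Mitigation: PTE Inversion; VMX: cache flushes, SMT disabled",
    "Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable",
    "Mitigation: PTE Inversion; VMX: vulnerable, SMT vulnerable",
]


def parse_l1tf(line):
    """Split a status line into host, hypervisor (VMX) and SMT findings."""
    line = line.strip()
    result = {"affected": line != "Not affected", "host_mitigated": False,
              "vmx": None, "smt": None, "warnings": []}
    if not result["affected"]:
        return result
    if not line.startswith("Mitigation:"):
        result["warnings"].append("kernel reports no mitigation: " + line)
        return result
    body = line[len("Mitigation:"):].replace(",", ";")
    for field in (f.strip() for f in body.split(";")):
        if field == "PTE Inversion":
            result["host_mitigated"] = True    # host OS page-table mitigation
        elif field.startswith("VMX:"):
            result["vmx"] = field[4:].strip()  # L1 cache flush policy for guests
        elif field.startswith("SMT "):
            result["smt"] = field[4:].strip()  # hyper-threading state
    if result["vmx"] == "vulnerable":
        result["warnings"].append("L1 data cache is not flushed before guests run")
    if result["smt"] == "vulnerable":
        result["warnings"].append("sibling hyper-threads still share the L1 cache")
    return result


def check_host():
    """Return the parsed status for this machine, or None if the file is absent."""
    if not SYSFS_L1TF.is_file():
        return None
    return parse_l1tf(SYSFS_L1TF.read_text())


if __name__ == "__main__":
    local = check_host()
    lines = SAMPLES if local is None else [SYSFS_L1TF.read_text().strip()]
    for text in lines:
        print(text, "->", parse_l1tf(text)["warnings"] or "no warnings")
```

A host that runs untrusted virtual machines is the case where the VMX and SMT fields matter; on a single-user PC the host field is the one to read.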

Kevin Parrish
Former Digital Trends Contributor