Home > News content

Intel CPU SGX exposes a new security vulnerability pluderfault

via:CnBeta     time:2019/12/12 23:37:22     readed:689

Scientists have revealed thatPlundervaultIntel CPU's software guard extensions (SGX) can leak keys and cause other errors. Intel has released microcode update fixes,Proof of concept attack generationThe code will be published on GitHub. Chip giant says its SGX, as a private area, can isolate sensitive computing and data from high-level malicious processes.

But computer scientists have found that CPU 's subtle voltage fluctuations can disrupt the normal function of the SGX. By increasing or decreasing the current to the CPU through overvoltage or undervoltage, scientists have found a way to induce SGX error to leak the key, destroy the integrity, and potentially induce memory errors for other types of attacks.

Although the exploit requires the execution of privileged code, it does not depend on physical access, so it may be used for remote attacks.

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments