Your Web News in One Place

An Interest In:

Web News this Week

Search Archive

Some of Our Sources

View All Sources

Help Webnuz

Referal links:

Sign up for GreenGeeks web hosting
December 10, 2019 10:50 pm

New Plundervolt Attack Impacts Intel Desktop, Server, and Mobile CPUs

An anonymous reader quotes a report from ZDNet: Academics from three universities across Europe have disclosed today a new attack that impacts the integrity of data stored inside Intel SGX, a highly-secured area of Intel CPUs. The attack, which researchers have named Plundervolt, exploits the interface through which an operating system can control an Intel processor's voltage and frequency -- the same interface that allows gamers to overclock their CPUs. Academics say they discovered that by tinkering with the amount of voltage and frequency a CPU receives, they can alter bits inside SGX to cause errors that can be exploited at a later point after the data has left the security of the SGX enclave. They say Plundervolt can be used to recover encryption keys or introduce bugs in previously secure software. Intel desktop, server, and mobile CPUs are impacted. A full list of vulnerable CPUs is available here. Intel has also released microcode (CPU firmware) and BIOS updates today that address the Plundervolt attack [by allowing users to disable the energy management interface at the source of the attack, if not needed]. Proof-of-concept code for reproducing attacks will be released on GitHub.

Read more of this story at Slashdot.


Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/m-Xxv-vsLTE/new-plundervolt-attack-impacts-intel-desktop-server-and-mobile-cpus

Share this article:    Share on Facebook
View Full Article

Slashdot

Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..

More About this Source Visit Slashdot