Intel processors are affected by Downfall, a security flaw that can allow a malicious user to gain access to sensitive and private user data from users’ computers, and the chipmaker is rolling out fixes that patch the vulnerability on affected systems. The flaw was detected by a California-based researcher and disclosed to Intel, allowing the firm to patch the issue before details were published online. Unlike the company’s recent chips, older CPUs released by Intel in 2015 are currently vulnerable and these models will receive a microcode update to fix the potential leakage of information.
The chipmaker has assigned a “Medium” security rating for the bug in a post on the Intel Security website, which states that the firm will issue a firmware update and a software sequence — the latter is optional — that is designed to patch the security flaw. Customers with PCs powered by Intel’s 6th generation Skylake processors all the way up to the 11th generation Tiger Lake processors are affected by the security flaw. Alder Lake, Sapphire Rapids, and Raptor Lake chips are not affected by the flaw.
Dubbed Downfall by Daniel Moghimi, the Google security researcher who discovered it, the vulnerability is capable of beating boundaries set by the chipmaker for the operating system, virtual machine, and Intel’s Software Guard Extensions. Moghimi used the Gather instruction that is used to make it easier to access data that is scattered in the device’s memory in order to discover the flaw and develop a proof of concept that was shared with the company in order to develop a fix.
The researcher also explains that the Downfall vulnerability can also bypass fixes previously issued by Intel for older flaws such as Meltdown and Microarchitectural Data Sampling (MDS). Intel is rolling out microcode updates to secure its older processors against the flaw that can allow an attacker to steal arbitrary data from the Linux Kernel, 128-bit and 256-bit AES keys from another user, and even spy on printable characters, according to Moghimi.
Moghimi says the Downfall vulnerability is “highly practical” and that developing an end-to-end attack to steal encryption keys from OpenSSL — and open-source encryption library — took only two weeks. Users have been exposed to Downfall for at least nine years, as the chips affected by the security flaw were released as early as 2014.
“The security researcher, working within the controlled conditions of a research environment, demonstrated the GDS issue which relies on software using Gather instructions. While this attack would be very complex to pull off outside of such controlled conditions, affected platforms have an available mitigation via a microcode update. Recent Intel processors, including Alder Lake, Raptor Lake and Sapphire Rapids, are not affected. Many customers, after reviewing Intel’s risk assessment guidance, may determine to disable the mitigation via switches made available through Windows and Linux operating systems as well as VMMs. In public cloud environments, customers should check with their provider on the feasibility of these switches,” an Intel spokesperson told 10Beast.