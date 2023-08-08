Intel has announced that it will release fixes for a processor vulnerability that affects several models of its chips, going back to 2015. However, the flaw does not impact Intel’s latest processor generations. This vulnerability could potentially allow attackers to access valuable and sensitive data from victims, including financial details, emails, messages, passwords, and encryption keys.

The vulnerability, known as Downfall, was discovered by Google researcher Daniel Moghimi. It occurs in chip code that utilizes an instruction called Gather to access scattered data in memory more quickly. Intel refers to the flaw as Gather Data Sampling. Moghimi will present his findings at the Black Hat security conference.

The affected chip families include Skylake (2015-2019), Tiger Lake (2020) which will discontinue early next year, and Ice Lake (2019-2021). However, Intel’s current generation chips, including Alder Lake, Raptor Lake, and Sapphire Rapids families, are not affected. Intel has added defenses to block attempts to exploit the vulnerability in these chips.

Intel will release fixes with an option to disable them due to potential performance impacts on certain enterprise users. While the majority of workloads should not experience reduced performance, vectorization-heavy workloads could be affected.

Fixes for vulnerabilities like Downfall are complex to release because they need to go through various manufacturers before reaching computers. Intel coordinates with device-makers to create tailored patches that can be downloaded by users. Intel has been improving the process over the years, but it still takes time. Moghimi disclosed Downfall to Intel a year ago.

Moghimi highlights the need for faster response times in addressing and responding to these types of issues in the hardware industry. He also notes that it may be difficult to detect Downfall attacks as they manifest as benign software activity. Moghimi suggests the possibility of developing a detection system to monitor hardware behavior for signs of abuse.

While Intel states that carrying out Downfall attacks in real-world conditions would be complex, Moghimi suggests that the vulnerability could be exploited by motivated and well-resourced attackers. He emphasizes the significance of the potential data theft and encourages manufacturers to invest in verification to prevent similar flaws.