Intel reveals more major chip security flaws

Intel is facing a fresh security headache following the news that its hardware is being hit by a major new vulnerability.

The Foreshadow flaw had been identified by security researchers who say that all Intel hardware released after 2015 could be affected, with cloud computing systems and virtual machines also affected for the first time.

The vulnerability could allow third parties or hackers to access personal information on an Intel-powered device, with many of the company's top-end Core and Xeon processors among the products affected.

Intel has posted a full list of affected hardware on its website, but says that it was "not aware" of the flaw being utilised in real-world exploits at this time.

(Image credit: Foreshadow team)

Foreshadow security flaw

Foreshadow was uncovered in joint research by researchers at KU Leuven university in Belgium and the universities of Michigan and Adelaide. The team notified Intel of the attack back in January, but is separate from that seen in the work on the Spectre and Meltdown attacks uncovered in the same month.

The attack is different from Meltdown as it targets virtual machines as well as the data stored on a device (which was the method of the earlier attack)

The team notes that Foreshadow is also resistant to the systems used to block Meltdown, and also can get around protection set up to stop the Spectre attacks. 

Users will also most likely not be able to detect if they have been affected by the new attack, as Foreshadow does not leave traces. 

Intel has already released a patch that it says will stop the issue, and states that future processors will be tweaked in order to not be affected by Foreshadow. 

Individual VM and cloud providers will need to produce their own workarounds, however, with the likes of AWS, Google and Microsoft Azure confirming they have already done so.

TOPICS
Mike Moore
Deputy Editor, TechRadar Pro

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK's leading national newspapers and fellow Future title ITProPortal, and when he's not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.