Researchers at Bitdefender have uncovered a new suite of vulnerabilities that would allow attackers to leak private data from CPUs, thus gaining access to credentials and other personal information.
The new vulnerability enables what’s called a side-channel attack, which allows an attacker to gain access to otherwise protected data through non-standard means. So rather than reading protected data directly from its location in memory, the attack takes advantage of speculative execution routines to force a target to execute rogue instructions.
This particular vulnerability combines the SWAPGS and WRGSBASE instructions with gadgets within Windows, and similar environments in other operating systems, to get around existing data protections. This could allow attackers to steal any type of information that is stored in memory, including chat messages, emails, login credentials, payment information, passwords, encryption keys, tokens, or access credentials.
These speculative execution vulnerabilities are nothing new, although many of the recent variants of these attacks occur at the hardware level, and are thus much harder to patch, requiring full reworks of future CPU revisions to mitigate.
Good news though, as the researchers have already worked with other companies to issue patches at the software level. As of writing, ChromeOS, Windows 10 and some Linux distros have already issued mitigation patches against this threat. And if you’re running an AMD CPU, or a non-64-bit architecture which doesn’t feature the SWAPGS and WRGSBASE instructions, you should be OK.
AMD issued the following statement on the development:
“AMD is aware of new research claiming new speculative execution attacks that may allow access to privileged kernel data. Based on external and internal analysis, AMD believes it is not vulnerable to the SWAPGS variant attacks. AMD products are designed not to speculate on the new GS value following a speculative SWAPGS. For the attack that is not a SWAPGS variant, the mitigation is to implement our existing recommendations for Spectre variant 1.”
So if you’re using an Intel CPU that’s vulnerable, it’s well worth running a check for updates to your OS to keep yourself safe from this new attack.
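An added example, not from the original article or from Bitdefender: on Linux, one way to confirm the software mitigation is active after updating is to read the kernel's Spectre v1 status line, which on patched kernels mentions swapgs barriers. The sysfs path, the status strings and the `nospectre_v1` / `mitigations=off` boot flags are taken from mainline Linux and are assumptions about the host being checked; the function names are illustrative.

```shell
#!/bin/sh
# Added example: classify a Linux host's SWAPGS mitigation state.
# Assumption: the kernel reports Spectre v1 / SWAPGS status in the sysfs
# file below; the strings matched are those printed by mainline kernels.
SYSFS=/sys/devices/system/cpu/vulnerabilities/spectre_v1

# classify_status STATUS -> one word describing the sysfs status line
classify_status() {
    case "$1" in
        "")                      echo unknown ;;
        "Not affected"*)         echo not-affected ;;
        *"no swapgs barriers"*)  echo vulnerable ;;
        *"swapgs barriers"*)     echo mitigated ;;
        # A "Mitigation:" line that never mentions swapgs comes from a
        # kernel built before the fix was added (assumption, see lead-in).
        Mitigation:*)            echo kernel-too-old ;;
        *)                       echo unknown ;;
    esac
}

# cmdline_disables CMDLINE -> exit 0 if a boot flag turns the barriers off
cmdline_disables() {
    for arg in $1; do
        case "$arg" in
            nospectre_v1|mitigations=off) return 0 ;;
        esac
    done
    return 1
}

# verdict STATUS CMDLINE -> combined result, naming the reason when known
verdict() {
    state=$(classify_status "$1")
    if [ "$state" = vulnerable ] && cmdline_disables "$2"; then
        echo "vulnerable (disabled on kernel command line)"
    else
        echo "$state"
    fi
}

# Live check when run on a Linux host; silent elsewhere.
if [ -r "$SYSFS" ] && [ -r /proc/cmdline ]; then
    echo "SWAPGS: $(verdict "$(cat "$SYSFS")" "$(cat /proc/cmdline)")"
fi
```

A result of `kernel-too-old` or `vulnerable` means the OS update described above has not been applied or has been switched off at boot.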