Intel CPUs at risk from new ‘Snoop’ attack
New attack can leak data from a CPU’s internal memory but there is a patch available
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
A new attack that can leak data from a CPU’s internal memory or cache has been discovered which affects many popularIntel processors.
The “Snoop-assisted L1 Data Sampling” attack, or Snoop for short, was first found by a software engineer atAWSnamed Pawel Wieczorkiewicz.
Wieczorkiewicz promptly reported the issue toInteland following its own investigations into the matter, the chipmaker realized that patches released back in August of 2018 to fix theForeshadow vulnerabilitycould also be applied to this new attack.
Many popular Intel processors, including those from the company’s Core and Xeon lines, are vulnerable to Snoop attacks and you can checkthis listto see all of the CPUs that are affected.
Snoop attacks
The new Snoop attack takes advantage of CPU mechanisms such as multiple cache levels, cache coherence and bus snooping in order to leak data from a CPU core to other cores.
Thankfully though, this new attack is very hard to pull off and does not leak large quantities of data. Intel explained that Snoop attacks require conditions that are hard to meet in the real world, saying:
“Due to the numerous complex requirements that must be satisfied to successfully carry out, Intel does not believe Snoop Assisted L1 Data Sampling is a practical method in real world environments where the OS is trusted.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
For those running high-risk systems, the company recommends that you apply the Foreshadow (L1TF) patches from August 2018 to protect your systems from potential Snoop attacks. Additionally, disabling the Intel TSX (Transactional Synchronization Extensions) can greatly reduce the attack surface while also making this new attack harder to pull off.
ViaZDNet
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
This new malware utilizes a rare programming language to evade traditional detection methods
A new form of macOS malware is being used by devious North Korean hackers
Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time
