Facts about The New Security Research Findings and Intel Products

Facts about The New Security Research Findings and Intel Products

Overview

On January 3, 2018 a team of security researchers disclosed several software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from many types of computing devices with many different vendors’ processors and operating systems.

Intel is committed to product and customer security and to responsible disclosure. We worked closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to mitigate this issue promptly and constructively.

Below are facts about these new exploits, and steps you can take to help protect your systems and information.

How the New Analysis Methods Work

These exploits are based on side-channel analysis. A side-channel is some observable aspect of a computer system’s physical operation, such as timing, power consumption or even sound. The statistical analysis of these behaviors can in some cases be used to potentially expose sensitive data on computer systems that are operating as designed. These exploits do not have the potential to corrupt, modify or delete data.

Most modern CPUs are able to predict what code they might need to run for a given process, and run it in advance so the results are ready before they are needed. This can significantly improve the overall performance and efficiency of a CPU, resulting in a faster and more capable computer or mobile device. CPUs may sometimes move data from one memory location to another for use by these processes. Although the system is operating exactly as it is designed to, in certain cases some of this data may be observable through these exploits.

Protecting Your Computer Systems

We have begun providing software and firmware updates to mitigate these exploits. End users and systems administrators should check with their operating system vendors and system manufacturers, and apply any updates as soon as they are available.

For malware to compromise security using these exploits, it must be running locally on a system. Intel strongly recommends following good security practices that protect against malware in general, as that will also help protect against possible exploitation.

The threat environment continues to evolve. Intel is committed to investing in the security and reliability of our products, and to working constructively with security researchers and others in the industry to help safeguard users’ sensitive information..

USEFUL RESOURCES

This is list is not comprehensive. System manufacturers, operating system vendors, and others not listed here may have published information regarding this situation. You should check for updates or advisories from your system manufacturer or operating system vendor.

  •   Newsroom: Intel Responds to Security Research Findings
  •   Intel Customer Support
  •   Intel Security Center
  •   Wikipedia on side-channel attacks
  •   Wikipedia on speculative execution

 Third-party information on sound security practices

  •  Stop.Think.
  •  National Cyber Security Alliance

Is this a bug in Intel hardware or processor design?

No. This is not a bug or a flaw in Intel products. These new exploits leverage data about the proper operation of processing techniques common to modern computing platforms, potentially compromising security even though a system is operating exactly as it is designed to. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

Which Intel-based platforms are affected by or vulnerable to the issue?

The following Intel-based platforms are impacted by this issue. Intel may modify this list at a later time.

Please check with your system vendor or equipment manufacturer for more information regarding your system.

Intel® Core™ i3 processor (45nm and 32nm)

Intel® Core™ i5 processor (45nm and 32nm)

Intel® Core™ i7 processor (45nm and 32nm)

Intel® Core™ M processor family (45nm and 32nm)

2nd generation Intel® Core™ processors

3rd generation Intel® Core™ processors

4th generation Intel® Core™ processors

5th generation Intel® Core™ processors

6th generation Intel® Core™ processors

7th generation Intel® Core™ processors

8th generation Intel® Core™ processors

Intel® Core™ X-series Processor Family for Intel® X99 platforms

Intel® Core™ X-series Processor Family for Intel® X299 platforms

Intel® Xeon® processor 3400 series

Intel® Xeon® processor 3600 series

Intel® Xeon® processor 5500 series

Intel® Xeon® processor 5600 series

Intel® Xeon® processor 6500 series

Intel® Xeon® processor 7500 series

Intel® Xeon® Processor E3 Family

Intel® Xeon® Processor E3 v2 Family

Intel® Xeon® Processor E3 v3 Family

Intel® Xeon® Processor E3 v4 Family

Intel® Xeon® Processor E3 v5 Family

Intel® Xeon® Processor E3 v6 Family

Intel® Xeon® Processor E5 Family

Intel® Xeon® Processor E5 v2 Family

Intel® Xeon® Processor E5 v3 Family

Intel® Xeon® Processor E5 v4 Family

Intel® Xeon® Processor E7 Family

Intel® Xeon® Processor E7 v2 Family

Intel® Xeon® Processor E7 v3 Family

Intel® Xeon® Processor E7 v4 Family

Intel® Xeon® Processor Scalable Family

Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series

Intel Atom® Processor C Series

Intel Atom® Processor E Series

Intel Atom® Processor A Series

Intel Atom® Processor x3 Series

Intel Atom® Processor Z Series

Intel® Celeron® Processor J Series

Intel® Celeron® Processor N Series

Intel® Pentium® Processor J Series

Intel® Pentium® Processor N Series

🍎たったひとつの真実見抜く、見た目は大人、頭脳は子供、その名は名馬鹿ヒカル!🍏
Forums  ›  PC/Phone  ›  IT info