Chipset making giant Intel has been struggling to fix a hardware-based security flaw

Source From: IANS 2019-11-13 15:39:19
San Francisco, Nov 13 (IANS) Chipset making giant Intel has been struggling to fix a hardware-based security flaw in its processors that could potentially leak confidential data from a PC or server.

The firm is still coming up short on patching the vulnerabilities, said security researchers from the VUSec group at the Vrije Universiteit Amsterdam, according to a report in PC Mag.

Two separate groups of academics said they were able to exploit the chip flaws on the 9th-generation Intel "Cascade Lake" processors, which were supposedly designed to stop such attacks.

"Unfortunately, until there is sufficient public/industry pressure, there seems to be little incentive for Intel to change course, leaving the public with a false sense of security," the researchers added.

Earlier, in May, the company had announced fixes that it said would fix the most recent problems rising from the loophole, which were brought to its attention by security researchers in Europe.

Reports now suggest that the previous repair did not stop all the ways attackers could take advantage of the loophole, forcing it to take further action this week.

The problem deals with two hardware-based flaws, named "ZombieLoad" and "RIDL" (Rogue In-flight Data Load).

To achieve the speed boosts, Intel processors have been designed to predict and pre-fetch computing instructions as the system runs. But this can come at a cost. You can also trick the same processes into pre-fetching confidential data from the machine before leaking it, according to security researchers, the report added.