Cyber-security Senior Contributor for Forbes, Davey Winder, is among several reporting a new security vulnerability that "affects Windows computers running on 64-bit Intel and AMD processors." SWAPGS, as the vulnerability is called, allows an attacker to gain access to "your passwords, private conversations and any other information within the operating system kernel memory. Chris Brunau writes, "according to researchers, all Intel CPUs manufactured between 2012 and today" are at risk and vulnerable to the attack.
In a statement from AMD, the write "AMD is aware of new research claiming new speculative execution attacks that may allow access to privileged kernel data. Based on external and internal analysis, AMD believes it is not vulnerable to the SWAPGS variant attacks because AMD products
are designed not to speculate on the new GS value following a speculative SWAPGS. AMD put out a full statement regarding this attack. Red Hat advisory stated "based on industry feedback, we are not aware of any known way to exploit this vulnerability on Linux kernel-based systems.”
Bitdefender researchers "have been working with Intel for more than a year to address the risk from this new “side-channel” attack that, the company said, “bypasses all known mitigations implemented after the discovery of Spectre and Meltdown in early 2018.” However, it has waited until now to disclose the information as Microsoft has issued a fix to address the vulnerability as part of the July 9 “Patch Tuesday” updates. Even so, despite the best efforts of everyone concerned, Bitdefender admitted that “it is possible that an attacker with knowledge of the vulnerability could have exploited it to steal confidential information.”
WHAT DO WE DO?
The chances of falling victim to a SWAPGS attack now that the details have been disclosed have increased, so users are advised to apply available updates as a matter of urgency if they have not already done so.
WHAT ARE THE RISKS?
The concept for the attack can be viewed in very simple terms, although the threat is very sophisticated. Ian Trump, head of cybersecurity at Amtrust International, says “if the firmware, BIOS and microcode layers of a computer are insecure than it is impossible to put a secure operating system on top of that.”
Comments