Pirates Secure Plundervolt On The Waters Of Skylake
Somewhat Like Using VDroop As An Attack
If you’ve never heard of Intel Software Guard Extensions then there is good chance you can happily ignore Pludervolt, but for those with servers that make use of it you will want to keep an eye on this page for the patch. Thankfully you would need privileged access to the operating system and BIOS to make use of the vulnerability, though amusingly that is exactly the sort of thing SGX is supposed to ensure can’t happen. However, if someone does manage it they can manipulate a voltage regulator located on separate chip on Skylake and newer Intel processors to corrupt the results of certain instructions.
You can check out more details of Intel’s BIOS patch to resolve this over at The Register, thankfully there is no mention of the ability to increase voltage beyond spec which really would be worrying.
Intel on Tuesday plans to release 11 security advisories, including a microcode firmware update to patch a vulnerability in its Software Guard Extensions (SGX) on recent Core microprocessors that allows a privileged attacker to corrupt SGX enclave computations.
More Tech News From Around The Web
- Nikon Is Killing Its Authorized Repair Program @ Slashdot
- iOS 13.3 is here with support for security keys @ The Inquirer
- Can 5G replace everybody’s home broadband? @ Ars Technica
- It’s the end of the 20-teens, and your Windows PC can still be pwned by nothing more than a simple bad font @ The Register
- Microsoft debuts its first native Office app for Linux @ The Inquirer
- Guidemaster: 10 tech gifts to improve the home office @ Ars Technica
- I’ll take your frame to another dimension, pay close attention: This AI auto-generates 3D objects from 2D snaps @ The Register
- Apple’s New Mac Pro Can Cost $52,000. That’s Without the $400 Wheels @ Slashdot