It looks like another security flaw and Intel CPUs has been discovered. This one was found by Romanian security firm BitDefender and will affect Intel Ivy Bridge, Haswell, Skylake, and Kaby Lake processors. The exploit for the vulnerability is being called microarchitectural data sampling (MDS).
MDS allows hackers to obtain information that would otherwise be deemed as secure, but it has been run through the CPUs speculative execution process. Basically speculative execution is where your CPU tries to think ahead of time on what data may or may not be needed and will process it before it knows it is needed. MDS attacks read the data on the CPUs various buffers, between threads, along the way to the CPU cache, and others.
BitDefender says that the flaw can be used to retrieve data from the CPU at a rate that is very close to real-time, as well as selectively pull what information is deemed important.
While talking to TheNextWeb Intel made this statement:
“Microarchitectural Data Sampling (MDS) is already addressed at the hardware level in many of our recent 8th and 9th Generation Intel Core processors, as well as the 2nd Generation Intel Xeon Scalable Processor Family. For other affected products, mitigation is available through microcode updates, coupled with corresponding updates to operating system and hypervisor software that are available starting today. We’ve provided more information on our website and continue to encourage everyone to keep their systems up to date, as its one of the best ways to stay protected. We’d like to extend our thanks to the researchers who worked with us and our industry partners for their contributions to the coordinated disclosure of these issues.”
For more information on MDS you can visit this website.
