Hundreds of millions of computers are unsafe due to leaking Intel processors

By exploiting vulnerabilities in processors, malicious parties can gain access to all data on computers, laptops and servers, such as passwords and other sensitive information. The vulnerabilities are in all Intel chips made since 2008, making hundreds of millions of devices susceptible, Herbert Bos explains to RTL Z.

The professor of computer security led the researchers at VU University Amsterdam who discovered the vulnerabilities. “Through the leak, you can leak passwords, but also other sensitive data that you may have on your PC or server.”

How big is the leak?

The vulnerabilities found are very serious, says Bos, because so many computers and servers can be affected by them. Intel chips are by far the most popular among manufacturers of desktops, laptops and servers.

At the end of last year, almost 1.5 billion PCs and laptops were in use, according to figures from market researcher IDC. The vast majority of them use Intel processors. In the last four to five years, Intel has had a market share of 80 to 90 percent worldwide.

Smartphones and tablets with Intel chips remain unaffected. No leaks were found.

How does the leak work?

Bos explains that a clever trick allowed the researchers to access all the data processed by a computer. It abuses calculations that a processor in your computer makes speculatively.

“To work efficiently, a processor uses data that it thinks you will use,” says the professor. “The processor does not check whether this data can be provided and preloads this data.”

Because of the leak, all the information available is unsecured. “We used a program where we made the hardware, the processor, do something wrong. That way we actually got access to all the information that a computer processes.”

No visible traces

It is not clear whether hackers or other malicious parties really used the leak to steal data, says Bos. This is because the exploitation of the leak leaves no visible traces. “All we know is that the leak has been there for a long time, and it could have been exploited all along.”

How dangerous is the leak?

Because the leak leaves no trace, it is attractive for attackers to exploit, says Bos. You don’t really need to break into the computer.

The program that exploits the vulnerability can run on websites that appear secure. For example, it can be part of JavaScript, a popular technology on websites that display interactive elements such as ads. “But it could just as well be in the cloud or programs you have installed on your computer.”

The dangerous thing is that it does not depend on what you do as a citizen. “You don’t have to respond to phishing emails or visit unsafe websites to be affected by this. Your software can be completely updated and you can still lose your information.”

Solution: Update

Intel says in an official response that it has fixed the vulnerability in the latest processors it sells.

For other processors, Intel has announced software updates available starting today. “We encourage everyone to keep their system up to date as it is one of the best ways to stay secure.”

Apple has already released an update to its macOS operating system that should close the leak, Bos says. Microsoft is releasing an update for Windows today.

“Intel is not in control”

It is the third time in just over a year that there has been a major leak at Intel. Last year, it also emerged that hackers could access data on computers through the Meltdown and Spectre vulnerabilities. “It’s an indication that Intel is not in control,” says Bos. “It’s obviously very difficult for them.”

Meltdown affected all PCs, laptops and servers with Intel chips. Spectre also made chips from manufacturers ARM and AMD vulnerable. In the summer another leak was added: L1TF. “It was minor, but also very serious.”

More dangerous than ransomware and phishing?

Despite the seriousness of the leak, Bos believes it is more likely that consumers will be affected by ransomware and phishing: popular ways for hackers to steal data from ‘regular users’.

“Companies should be more concerned about this leak. A company’s CEO would be a good target for such a more targeted attack,” says Bos.

Even more secure

But in addition to these measures, computer users should also do something, says the professor. “Turn off hyperthreading, a technology that allows processors to multitask. That’s not what Intel is saying, that’s what we’re saying.”

“Intel says: you can turn it off, but you don’t have to. But I believe that the problem is so complex that you can’t solve it properly without turning it off,” he says, giving his own opinion and that of his fellow researchers.

Disabling this option is not something the average computer user does easily, so the professor refers to an instruction from the tech site PCMag, where this is explained step by step.

He warns: there is no guarantee that this will work on all computers. Disabling this setting may be difficult for some computers.
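On Linux machines, whether hyperthreading (SMT) is really off after such a change can be checked from the kernel's sysfs interface. The script below is an added example, not part of the original article or the PCMag instructions; it assumes a kernel that exposes `/sys/devices/system/cpu/smt`, and the function names and the optional directory argument are illustrative.

```shell
#!/bin/sh
# Added example: audit whether SMT (Intel Hyper-Threading) is still in use.
# The optional argument is an assumption for testing: an alternate copy of
# the sysfs CPU directory. By default the live system is inspected.

smt_status() {
    root="${1:-/sys/devices/system/cpu}"
    if [ ! -r "$root/smt/control" ]; then
        echo "unknown"            # kernel without the SMT control interface
        return 0
    fi
    control=$(cat "$root/smt/control")
    active=$(cat "$root/smt/active" 2>/dev/null || echo 0)
    case "$control" in
        off|forceoff|notsupported) state="disabled" ;;  # off, locked off, or no SMT
        on)                        state="enabled" ;;   # policy allows sibling threads
        *)                         state="unknown" ;;   # e.g. "notimplemented"
    esac
    # "active" is 1 while any sibling thread is online; trust it over the policy.
    [ "$active" = "1" ] && state="enabled"
    echo "$state"
}

smt_shared_cpus() {
    # Count online logical CPUs that share a physical core with another thread.
    root="${1:-/sys/devices/system/cpu}"
    count=0
    for f in "$root"/cpu[0-9]*/topology/thread_siblings_list; do
        [ -r "$f" ] || continue
        # A list such as "0,4" or "2-3" means more than one thread on the core.
        case "$(cat "$f")" in
            *,*|*-*) count=$((count + 1)) ;;
        esac
    done
    echo "$count"
}

echo "SMT: $(smt_status), logical CPUs sharing a core: $(smt_shared_cpus)"
```

A result of `disabled` together with a count of 0 means no two threads share a core; `enabled` or a non-zero count means the setting did not take effect.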

Reward: 100,000 euros

The researchers at VU encountered the leak by accident. “We had a bug ourselves. One of our students was assigned to investigate something. Due to a bug in his code, he saw all kinds of data that didn’t belong to him.”

It was September 11 last year. The next day, the researchers notified Intel. The chip manufacturer gave the researchers a reward of 100,000 euros.

To demonstrate that the leak was also present in older processors, the researchers had to look for old computers that also contained the chips. “We tried to buy all the processors we could find via Marktplaats and other suppliers. Because older chips were not easy to find in stores.”

The researchers had to keep the leak under wraps for nearly nine months so Intel could fix it.
