Spectre, Meltdown, Foreshadow, ZombieLoad und Plundervolt. In recent years, security researchers worldwide have identified serious security holes in the architecture of computer processors – especially in processors from Intel.
An international research team with central participation of TU Graz has now presented a new attack under the name of Load Value Injection. The vulnerability is similar to the already known Meltdown attack, but reverses this method. This time, the attacked computer does not reveal any secret data such as passwords or other sensitive content, but continues to work with false data that has been "injected" into the computer by attackers. Again, gaps in the SGX encoders developed by Intel are exploited. These are specially protected areas in a processor that are sealed off from the rest of the system, where particularly sensitive data is to be processed securely.
The researchers made their discovery public on the Load Value Injection website and will present the scientific paper at the IEEE Security and Privacy Symposium in San Francisco in may.
"This loophole is very difficult to close," explains TU Graz researcher Daniel Gruss, who is once again at the centre of the discovery together with his colleagues Michael Schwarz and Moritz Lipp. “It requires either a new processor or a severe intervention in the software. The software solution developed by Intel and us in parallel will bring massive performance losses." The team informed Intel of the discovery as early as April 2019. "We agreed to this long period of secrecy to give Intel enough time to develop the necessary fixes and not to put computer users at risk."
Once again, the participating researchers recommend installing all security updates from the manufacturers and securing the computer system.
This research is anchored in the „Field of Expertise“ Information, Communication & Computing, one of the five fields of strength of TU Graz.