Intel just patched this first of its kind vulnerability

0 0 Thursday, November 12, 2020

Intel has announced fixes to almost a hundred security vulnerabilities as part of its monthly security disclosures; one of which uses a no...

Intel has announced fixes to almost a hundred security vulnerabilities as part of its monthly security disclosures; one of which uses a novel attack vector.

It is reported that one of the vulnerabilities can help launch an attack that could leak information through the Running Average Power Limit (RAPL) interface on mobile, embedded, desktop, and server processors. 

The exploit has been dubbed Platypus, since it bears resemblance to the electroreception of the semi-aquatic Australian animal.

Power play

According to Intel, Platypus is part of the forty new security advisories that are related to the Converged Security and Management Engine (CSME) as well as the Intel Wireless Bluetooth support. 

Security researchers have carried out power side-channel attacks earlier as well. However, unlike the earlier attacks that required an oscilloscope to monitor the energy consumption, Platypus attacks can be carried out remotely. 

The attack works by exploiting the Running Average Power Limit (RAPL) interface that is designed to help users monitor and control the energy flowing through CPUs and memory. 

The good news however is that these attacks don’t reveal much useful information and have only been exploited in research laboratories. Still, Intel has already released updated microcode and RAPL changes for Platypus. 

Some of these mitigations have already been rolled into the Linux kernel, which now restricts access to the RAPL interface only to apps with elevated privileges.

Interestingly, while the researchers only focussed on Intel processors, almost every chipmaker includes a RAPL interface with their products, and could potentially be vulnerable to Platypus-type attacks. 

Via: Phoronix



from TechRadar - All the latest technology news https://ift.tt/2IwmTed
via IFTTT

Labels:

SHARE:

Twitter Facebook Google Pinterest

COMMENTS

BLOGGER
Surprise Gifts for Best Comments... Follow, Share & Comment!

(Also we do all types of Promotional Activities for your Products / Website or Company. You can instantly contact us by sending your details in the footer "Promotional Activities Form".)

Team TrendlyNews,
www.trendlynews.in
DISQUS
Name

Apps,3858,Business,151,Camera,1155,Earn $$$,3,Gadgets,1741,Games,926,GTA,1,Innovations,3,Mobile,1697,Paid Promotions,5,Promotions,5,Sports,1,Technology,8106,Trailers,796,Travel,37,Trending,4,Trendly News,25335,TrendlyNews,121,Video,5,XIAOMI,13,YouTube - 9to5Google,120,
ltr
item
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Intel just patched this first of its kind vulnerability
Intel just patched this first of its kind vulnerability
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
http://www.trendlynews.in/2020/11/intel-just-patched-this-first-of-its.html
http://www.trendlynews.in/
http://www.trendlynews.in/
http://www.trendlynews.in/2020/11/intel-just-patched-this-first-of-its.html
true
3372890392287038985
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy