Intel Haswell chips open to malware flaw

The vulnerability applies to devices with Haswell chips running Linux, Windows, Android and iOS

Researchers from the universities of Binghamton and California claim to have found that Intel Haswell microprocessors, in devices running Linux, Windows, Android and Apple's iOS and macOS, have a vulnerability that could leave those devices open to malware attacks.

The alleged flaw was discovered by researchers Dmitry Evtyushkin, Dmitry Ponomarev and Nael Abu-Ghazaleh in the address space layout randomisation (ASLR) feature. ASLR randomises the memory addresses used by processes to prevent arbitrary code from running, and should therefore stop malware being provisioned.

However, the paper showed that this safeguard can be intercepted on Haswell chips using the branch target buffer (BTB), part of the chip used to cache information in the CPU. The BTB stores the target addresses of recently executed branch instructions, which can be looked up to fetch instructions every time a cycle happens. This interception causes memory addresses to leak.

"Since the BTB is shared by several applications executing on the same core, information leakage from one application to another through the BTB side-channel is possible," the researchers explained.


Although the researchers discovered the flaw when using Linux, they said it can be used across operating systems, and anyone using a device with a Haswell chip should be aware of it. The report added that people using 32-bit operating systems are particularly at risk because, although they have less addressable space for randomisation, hackers can build faster and more powerful attacks.

"ASLR implementations across different operating systems differ by the amount of entropy used and by the frequency at which memory addresses are randomised," the researchers said.

"The randomisation frequency can range from a single randomisation at boot or compile time to dynamic randomisation during program execution. More frequent re-randomisation reduces the probability of a successful attack."
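To make the researchers' two variables concrete (entropy and re-randomisation frequency), the following added example, which is not taken from the paper or from this article, estimates how many address bits ASLR randomises from observed load addresses and what that means for blind guessing. The sample addresses are constructed and the function names are hypothetical; only the Linux sysctl path is a real interface.

```python
"""Estimate observed ASLR entropy from load addresses seen across process launches."""
from functools import reduce
from pathlib import Path

# Constructed samples: base address of one library over five launches of a program.
SAMPLES_64BIT = [0x7F3A1C2D4000, 0x7F81E45B9000, 0x7FC207A13000,
                 0x7F15B9E6E000, 0x7FEE5308A000]
SAMPLES_32BIT = [0xB7501000, 0xB75C4000, 0xB753A000, 0xB758F000, 0xB7567000]


def varying_bit_mask(addresses):
    """Mask of bit positions that differ between at least two samples."""
    in_every = reduce(lambda a, b: a & b, addresses)  # bits set in all samples
    in_any = reduce(lambda a, b: a | b, addresses)    # bits set in some sample
    return in_every ^ in_any


def observed_entropy_bits(addresses):
    """Lower bound on randomised bits: positions that were seen to change."""
    return bin(varying_bit_mask(addresses)).count("1")


def expected_guesses(bits, rerandomised=False):
    """Average blind guesses needed to hit one of 2**bits equally likely layouts.

    Fixed layout: wrong guesses are eliminated, so the mean is (N + 1) / 2.
    Layout re-randomised before every attempt: each try succeeds with 1/N,
    so the mean is N (geometric distribution).
    """
    n = 2 ** bits
    return n if rerandomised else (n + 1) / 2


def linux_aslr_mode():
    """Return the kernel's ASLR setting (0 off, 1 partial, 2 full) or None."""
    try:
        return int(Path("/proc/sys/kernel/randomize_va_space").read_text().strip())
    except (OSError, ValueError):
        return None  # not Linux, or the value is not readable


if __name__ == "__main__":
    print("kernel.randomize_va_space =", linux_aslr_mode())
    for name, samples in (("32-bit", SAMPLES_32BIT), ("64-bit", SAMPLES_64BIT)):
        bits = observed_entropy_bits(samples)
        print(f"{name}: mask={varying_bit_mask(samples):#x} bits>={bits} "
              f"guesses fixed={expected_guesses(bits)} "
              f"rerandomised={expected_guesses(bits, True)}")
```

With only a handful of samples the bit count is a lower bound, so collect more launches before drawing conclusions about a real system.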
