The FINANCIAL -- Intel’s Product Assurance and Security (IPAS) team is focused on the cybersecurity landscape and constantly working to protect customers. Recent initiatives include the expansion of our Bug Bounty program and increased partnerships with the research community, together with ongoing internal security testing and review of our products.
Intel and our industry partners are sharing more details and mitigation information about a recently identified speculative execution side-channel method called L1 Terminal Fault (L1TF). This method affects select microprocessor products supporting Intel Software Guard Extensions (Intel SGX) and was first reported to us by researchers at KU Leuven University, Technion – Israel Institute of Technology, University of Michigan, University of Adelaide and Data61*1. Further research by our security team identified two related applications of L1TF with the potential to impact other microprocessors, operating systems and virtualization software.
Security Exploits and Intel Products
L1TF is also addressed by changes that are already making at the hardware level. As announced in March, these changes begin with our next-generation Intel Xeon Scalable processors (code-named Cascade Lake), as well as new client processors expected to launch later this year.
"We are not aware of reports that any of these methods have been used in real-world exploits, but this further underscores the need for everyone to adhere to security best practices. This includes keeping systems up-to-date and taking steps to prevent malware. More information on security best practices is available on the Homeland Security website."
L1 Terminal Fault
All three applications of L1TF are speculative execution side channel cache timing vulnerabilities. In this regard, they are similar to previously reported variants. These particular methods target access to the L1 data cache, a small pool of memory within each processor core designed to store information about what the processor core is most likely to do next.
The microcode updates that released earlier this year provide a way for system software to clear this shared cache. Given the complexity, created a short video to help explain L1TF.
"Once systems are updated, we expect the risk to consumer and enterprise users running non-virtualized operating systems will be low. This includes most of the data center installed base and the vast majority of PC clients. In these cases, we haven’t seen any meaningful performance impact from the above mitigations based on the benchmarks we’ve run on our test systems."
There is a portion of the market – specifically a subset of those running traditional virtualization technology, and primarily in the data center – where it may be advisable that customers or partners take additional steps to protect their systems. This is principally to safeguard against situations where the IT administrator or cloud provider cannot guarantee that all virtualized operating systems have been updated. These actions may include enabling specific hypervisor core scheduling features or choosing not to use hyper-threading in some specific scenarios. While these additional steps might be applicable to a relatively small portion of the market, we think it’s important to provide solutions for all our customers.