Security News > 2022 > July > Boffins release tool to decrypt Intel microcode. Have at it, x86 giant says

Infosec boffins have released a tool to decrypt and unpack the microcode for a class of low-power Intel CPUs, opening up a way to look at how the chipmaker has implemented various security fixes and features as well as things like virtualization.

Published Monday on GitHub, the Intel Microcode Decryptor is a collection of three Python scripts users can execute to decode the microcode - including the SGX XuCode - of certain Atom, Pentium, and Celeron CPUs based on Intel's Goldmont and Goldmont Plus microarchitectures.

"The ability for researchers to analyze microcode could enable discovery of new vulnerabilities. Since this microcode has been exposed, Intel welcomes researchers to participate in the microcode bug bounty program in the event that any issues are discovered," we were told.

Chip designers like Intel have long used microcode to translate low-level machine instructions into circuit-level operations within CPU cores.

He added that the scripts can also help people understand how Intel has implemented various technologies, like Intel Trusted Execution Technology, Intel Software Guard Extensions, and Intel Virtualization Technology.

According to the researchers, the Intel Microcode Decryptor was made possible after the trio found vulnerabilities in Intel's chipsets in early 2020 that allowed them to activate an undocumented debugging mode dubbed Red Unlock.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/07/20/intel-cpu-microcode/