Security News

Doctoral student Riccardo Paccagnella, master's student Licheng Luo, and assistant professor Christopher Fletcher, all from the University of Illinois at Urbana-Champaign, delved into the way CPU ring interconnects work, and found they can be abused for side-channel attacks. "It is the first attack to exploit contention on the cross-core interconnect of Intel CPUs," Paccagnella told The Register.

Microsoft has released a new set of Intel microcode updates for Windows 10 20H2, 2004, 1909, and older versions to fix bugs impacting multiple Intel CPU families. Microcode updates are released by Intel after discovering bugs in their CPUs to allow OS vendors to patch the CPU behavior to address or at least partially mitigate the issues.

Oracle this week announced the availability of its first cumulative set of security fixes for 2021, which includes a total of 329 new patches. The January 2021 Critical Patch Update addresses issues in both Oracle products and third-party components that are included in the company's products, with some of the patches meant to address multiple vulnerabilities, some reported more than a year ago.

Intel announced today at CES 2021 that they have added hardware-based ransomware detection to their newly announced 11th generation Core vPro business-class processors. These hardware-based detections are accomplished using Intel Threat Detection Technology and Hardware Shield that run directly on the CPU underneath the operating system and firmware layers.

Conceptually, the Pluton architecture is an extension of hardware security work that Microsoft started in 2013 with onboard anti-piracy protections for the Xbox One console, though in case that sounds dangerously consumerish the firm is also keen to say the same approach was ported across to Arm-based system-on-chip IoT thingy Azure Sphere too. Future CPU designs from AMD, Intel, and Qualcomm will incorporate Pluton technology, with all three chipmakers queuing up to dutifully say what a great idea this is: "We believe an on-die, hardware-based Root-of-Trust like the Microsoft Pluton is an important component in securing multiple use cases and the devices enabling them," stated Asaf Shen, Qualcomm's senior director of product management in a prepared remark.

Google is currently working on fixing a known issue causing a Google Chrome web browser version launched earlier today for Apple processors to suddenly crash. "Earlier today we updated our Chrome download page to include a new version of Chrome optimized for new macOS devices featuring an Apple processor," Chrome Support Manager Craig Tumblison said.

Google is currently working on fixing a known issue causing a Google Chrome web browser version launched earlier today for Apple processors to suddenly crash. "Earlier today we updated our Chrome download page to include a new version of Chrome optimized for new macOS devices featuring an Apple processor," Chrome Support Manager Craig Tumblison said.

Microsoft is integrating its Pluton security processor directly into Intel, AMD, and Qualcomm CPUs to better secure Windows PCs. Windows 10 gains enhanced security by utilizing specialized chips called Trusted Platform Modules to provide hardware-based security functions. Microsoft is now partnering with Intel, AMD, and Qualcomm to introduce the Pluton security processor as an on-die chip in their CPUs.

Researchers at the University of Birmingham have managed to break Intel SGX, a set of security functions used by Intel processors, by creating a $30 device to control CPU voltage. Break Intel SGX. The work follows a 2019 project, in which an international team of researchers demonstrated how to break Intel's security guarantees using software undervolting.

Researchers have disclosed the details of a new side-channel attack method that can be used to obtain sensitive information from a system by observing variations in the processor's power consumption. The PLATYPUS attack relies on having access to Intel's Running Average Power Limit, a feature introduced by the company with the Sandy Bridge microarchitecture and which is designed for monitoring and controlling the CPU and DRAM power consumption.