Security News
Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub last week. The published content contains Unified Extensible Firmware Interface code for Alder Lake, the company's 12th generation processors that was originally launched in November 2021.
Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic, raising cybersecurity concerns with researchers. On Friday, a Twitter user named 'freak' posted links to what was said to be the source code for Intel Alder Lake's UEFI firmware, which they claim was released by 4chan.
Linux users have reported seeing weird white flashes and rapid blinking on their Intel laptop displays after upgrading to Linux kernel version 5.19.12, leading to warnings that the bug may damage displays. Besides being a visual annoyance, the unexpected screen flickering prevents users from doing anything on their systems, and Intel Linux kernel engineer Ville Syrjäl warns that it could also damage the display.
Microsoft is now blocking the Windows 11 22H2 update from being offered on some systems with Intel Smart Sound Technology audio drivers. "Intel and Microsoft have found incompatibility issues with certain versions of drivers for Intel Smart Sound Technology on Intel 11th Gen Core processors and Windows 11," Microsoft said in a Windows Health dashboard update.
The US Treasury Department has issued sactions against Iran's intelligence agency in response to that country's cyberattack against Albania and other "Cyber-enabled activities against the United States and its allies." Earlier this week, NATO ally Albania cut its diplomatic relations with Iran after blaming a July cyberattack that hit its government infrastructure on Iranian state-sponsored attackers.
A group of researchers has revealed details of a new vulnerability affecting Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. "The scan of the I/O address space on Intel CPUs based on the Sunny Cove microarchitecture revealed that the memory-mapped registers of the local Advanced Programmable Interrupt Controller are not properly initialized," the researchers noted.
The security community is so focused on attacks relying on software that it often forgets that physical attacks are possible. Physical attacks are also often seen as an attacker having the capability to physically access the targeted computer and then use some hardware to compromise the computer.
Intel has disclosed how it may be able to protect systems against some physical threats by repurposing circuitry originally designed to counter variations in voltage and timing that may occur as silicon circuits age. According to Intel, adding the TRC brings fault injection detection technology to the Converged Security and Management Engine, a part of the Platform Controller Hub chipset in Alder Lake.
What is an APIC, and why do I need it? How can you have data that even the kernel can't peek at? What causes this epic failure in APIC? Does the ÆPIC Leak affect me? What to do about it? What's an APIC? How can you have data that even the kernel can't peek at?
A group of computer scientists has identified an architectural error in certain recent Intel CPUs that can be abused to expose SGX enclave data like private encryption keys. The bug affects recent Intel CPUs based on the company's Sunny Cove microarchitecture, the authors say.