For the past two years, Intel CPUs have been under siege by an unending series of attacks that make it possible for cybercriminals to pluck passwords, encryption keys, and other secrets out of silicon-resident memory. New security research reveals that Intel's speculative execution flaws go deeper and are even harder to fix than we initially thought.
On Tuesday, two separate academic teams disclosed two new and distinctive exploits that pierce Intel’s Software Guard eXtension, by far the most sensitive region of the company’s processors.
Abbreviated as SGX, the protection is designed to provide a Fort Knox of sorts for the safekeeping of encryption keys and other sensitive data even when the operating system or a virtual machine running on top is badly and maliciously compromised. SGX works by creating trusted execution environments that protect sensitive code and the data it works with from monitoring or tampering by anything else on the system.