It is not uncommon to meet vulnerabilities that can affect a system, application or device. It is, in fact, one of the options that hackers have to attack their victims. Taking advantage of these flaws can lead to theft of passwords or data. Something like this is what happens with this new problem that affects the intel processors. The point is that we are dealing with something that is really widely used and, therefore, can affect many. We are going to explain how they could steal your encryption keys and data.
This vulnerability has been called Downfall. It is a bug that affects Intel processors, CPUs that you can perfectly have on your home computer. It can affect both home users, as well as companies and organizations. They could obtain private data that you have on a device.
Downfall, new Intel failure
The vulnerability has been registered as CVE-2022-40982 and has been detected by a Google security researcher. He ensures that this flaw is present in millions of modern processors, which can be present in personal computers and also in cloud servers. It allows a hypothetical attacker to access and steal data from other users who may share the same computer.
They give as an example a malicious application that can use the downfall attack to steal sensitive personal information. This includes passwords, personal emails, messages, and any other data you may have. In addition, in the case of exploiting this in the cloud, they could access the credentials and data of other users. Undoubtedly, a problem that puts privacy at risk.
But what causes this vulnerability? The problem is caused by memory optimization features in these Intel processors. Due to this vulnerability, they can reveal certain internal hardware registers to the software. That’s where the problem starts. An application that is not trusted, will be able to access that stored data on the computer by other programs that can be trusted.
They have created a website where you can see exactly what this process is like, how they can steal data and compromise privacy. This security researcher was able to steal 128-bit and 256-bit AES cryptographic keys during his experiment. Besides, he could do this in not too long. He indicates that, in the case of 128-bit AES keys, for 100 passwords he was successful in the first execution of the attack. In the case of 256 bits, an 86& success.
High impact
It is very likely that you are affected by this problem, either directly or indirectly. You may have a desktop computer, a laptop or a tablet that uses some Affected Intel processor. But even if you don’t have any such devices, chances are you’re affected through the cloud.
Is it easy to carry out this type of attack? According to the security researcher behind this discovery, it took him a couple of weeks to create an attack to steal information. However, it is necessary that the attacker and the victim share the same physical processor. Without this, there could be no attack. However, it indicates that, in theory, a remote attack could be possible.
Keep in mind that these affected processors have been on the market since 2014. Therefore, it is very likely that you have one manufactured in the last 9 years, unless your device is older than that date. It is expected that Intel will launch patches and updates soon, so from RedesZone we recommend you always have the latest version of the firmware installed. You should not only update the operating system, but also any component or application that you use. On GitHub you can see the Downfall code.
This bug was first reported on August 24, 2022, almost a year ago. During all this time, they have not allowed it to be made public for obvious security reasons. They have worked from Intel to further investigate this issue to see how it might affect users and how to avoid issues.
In short, as you can see, a new security problem affects many processors. Intel and that they have named Downfall. Millions of users around the world may be affected. It is key that you always install the latest versions and have everything updated. We also recommend having the router updated, for which you may need to know the IP of the router to enter.
