Intel is also focusing its security on speculative killings, and new threats attack its employees as well, and should try again to stop the negative image of this type of news we provide to the company.
You can't say that the blue giant was not taking action on this issue, but unlike its rivals, the problems don't stop. This last vulnerability is defined as CacheOut and its name is closely linked to the process and component CPU that can break.
CacheOut: your data is not secure, yet
CacheOut It's a new attack kill attack that is able to filter data from certain Intel CPUs through a series of security restrictions.
Although the company claims that the problems of these types of attacks have been resolved, the issue of vulnerability such as attacking an integral part of processors such as first-level cache.
The vulnerability allows the attacker to filter any confidential information stored in the specified memory, where unlike previous problems MDS, said that an attacker can select any data before it is activated or available, so you don't have to wait for the L1 cache to process it.
The problem is that they are not available for this accident (CSE, University of Adelaide, University of Michigan, VUSec and DATA 61
Intel already has a ready solution and a list of affected structures
Intel has already put the microcode update in the hands of its competitors to deal with design weaknesses and has also recommended possible reductions for all operating system vendors. Therefore, new updates from UEFI and Windows / Linux can be expected to reduce CacheOut results.
Intel has provided a list of affected and unaffected construction processors, which is to be expected as it has evolved into a Skylake architecture, all managers after the 7000 series should receive these reductions as soon as they become available.
CacheOut is divided into CVE-2020-0549: L1D Eviction Sampling (L1Des) Leaks » and assumes a CVSS value of 6.5, and is therefore unambiguously determined to be an intermediate sensitive.
At present, its competitor AMD sees this risk over and over again, when its management is unaffected and its users should not be concerned in this case.
