A new security flaw named “Downfall” has been discovered in Intel Processors, which can be exploited to steal information from computers with Intel chipsets. This vulnerability affects multiple Intel CPUs released between 2015-2019 including 6th-gen Skylake to 11th-gen Rocket Lake and Tiger Lake processors. Intel has officially acknowledged this flaw and is working on a fix.
The Downfall security flaw was first discovered by a security researcher named Daniel Moghimi, who released a detailed report of this vulnerability in a blog post. The report says that the Downfall Security Flaw reveals internal hardware registers to any untrusted software. Hackers can use a technique called Gather Data Sampling to steal information from affected computers.
Intel uses an instruction called Gather to speed up specific actions such as collecting scattered data in the memory. However, this setting allows any unauthorized software to gain access to the complete internal vector register of the CPU, which is equivalent to someone having administrator access to your computer.
This flaw can also be used for spying on typed characters and logging every process that is carried out on a system. The researcher has expressed serious concerns about this issue as it leaves millions of computers exposed to hackers.
Downfall Security Flaw Can Affect The Entire Internet
As per Daniel Moghimi, the Downfall vulnerability is not limited to users who own an Intel-powered computer. Instead, this flaw will affect the entire internet because of the huge market share that Intel has in the server market.
Intel has a market share of 82% in server-grade processors. This means that all the businesses that use cloud storage may be affected because of this flaw. Any hacker can exploit this vulnerability and steal sensitive information and credentials from almost every server.
Intels Reputation May Downfall Because of Downfall Vulnerability
Intel has released a complete list of processors that are affected by this security flaw. The company has also started releasing a microcode patch to fix this bug. Intel has advised all of its users to urgently update the BIOS of their computers to the latest version. They are also working closely with computer manufacturers to release product-level updates to patch this flaw.
Intel says that its newer chips like the 12th-gen Alder Lake and 13th-gen Raptor Lake CPUs are not affected by this security issue. The company is also investigating this matter in detail to check if any other products are vulnerable to this flaw or not.
However, Intel will provide an option to opt out of this patch, as this fix can potentially slow down your processor by a small margin. This is because the entire flaw is caused due to a registry instruction that helps to speed up the processor.
But Daniel Moghimi, the person who discovered this flaw is not in favour of opting out of this fix. He recommends users update their systems to the latest BIOS for their own benefit.
