Intel add CPU-level malware protection technology CET to Tiger Lake processors

Intel has announced a CPU-level malware protection feature called Control-Flow Enforcement Technology (CET), which aims to improve the security of software and hardware. Control-Flow Enforcement Technology is mainly used to fight against the malicious code of malicious software.

Intel researchers said that the company is working with Microsoft and other industry partners to replace hardware-level flow control with software-level flow control.

This technology can protect the information flow and prevent malicious software from hijacking. At the software level, it can also fight against malicious software and bypass security protection software to implement advanced attacks.

In terms of solutions, the CET mainly responds to the hijacking by creating a shadow stack and indirect branch tracking technology to prevent malicious software from changing the memory code.

At present, much professional-level malware hijack via tampering with the code of legitimate software in memory. This method can bypass security software defense.

The new control flow implementation technology helps to combat this hijacking, of course, the premise is that users must purchase Intel’s new processor to obtain this security protection.

Intel said it currently supports only Tiger Lake processors for CET, which is the latest processor Intel has introduced for mobile platforms.

However, in the future, the company will also extend the CET to other platforms, and processors such as desktop and server product lines will also be supported.

At the same time that Intel announced the news, Microsoft also announced on the blog that the company is about to start testing the Control-Flow Enforcement Technology in the Windows 10 Insider Preview.

Microsoft will expand the current control flow integrity solution at the software level only with the new solution announced by Intel, which is relatively more secure at the hardware level.

This feature will also be integrated into Microsoft Defender antivirus software by Microsoft. Microsoft renamed it as a hardware-enhanced stack protection service.

Microsoft said the advantage of Control-Flow Enforcement Technology is that it is built into the micro-architecture, which can provide more reliable and powerful services for kernel-level products.

Via: arstechnica