September 20, 2020

Microsoft releases security update to fix Swapgs attack in Intel processor

2 min read

Earlier we mentioned that Bitdefender published a research paper saying that a new bypass attack security vulnerability was discovered in the speculative execution capabilities of Intel’s modern processors. This security vulnerability is essentially similar to the previous Meltdown and Spectre series vulnerabilities. Bitdefender found that all current Intel microcode updates are unable to stop this vulnerability, so Intel has introduced a new microcode update patch.

Intel Management Engine vulnerability

Vulnerability-based hazards are so great that Bitdefender worked with Intel to fix the vulnerability several years ago until recently the vulnerability was resolved. Therefore, Bitdefender disclosed this vulnerability in the latest security report, and each software developer is naturally ready for a new security update before disclosure. For example, Microsoft actually fixed the vulnerability as early as last month’s routine update, but Microsoft did not release any information about the patch. This week, the Microsoft Security Center released a new security report introducing the CVE-2019-1125 vulnerability. This flaw is a security vulnerability discovered by Bitdefender.

Microsoft said in the security guide that this update does not require device manufacturers to push microcode updates, etc. because Microsoft has fixed this vulnerability through software updates. The so-called software update fix is ​​Microsoft’s way of adjusting the processor’s speculative execution access memory, which is used to mitigate the information leakage that may be caused by the vulnerability. Of course, as you might expect, this update is actually related to hyper-threading. These mitigation methods will reduce the performance of the processor, that is, turn off Hyper-Threading technology.

In addition to the previous Spectre and Meltdown series vulnerabilities and their variants, the mitigation of the above vulnerabilities is to turn off Hyper-Threading technology to ensure overall security. Of course, the performance degradation caused by turning off Hyper-Threading technology is also objective, although Intel said that mitigating the vulnerability is a very low-performance loss.