HomeWinBuzzer NewsMicrosoft and Intel Respond to Emerging Spectre Variant 2 CPU Security Flaw

Microsoft and Intel Respond to Emerging Spectre Variant 2 CPU Security Flaw

New Intel CPU flaw (CVE-2022-0001) lets attackers steal data. Affects most Intel CPUs since 2015.

-

has published guidance to address a newly identified vulnerability in CPUs, known as CVE-2022-0001, which pertains to Branch History Injection (BHI), a specific variant of intra-mode Branch Target Injection (BTI). This vulnerability, disclosed on April 9, 2024, enables attackers to manipulate branch history, potentially leading to the leakage of sensitive information. The flaw exploits the ' branch prediction mechanism, affecting a broad range of Intel CPUs from the 6th Generation (Skylake) onwards.

Understanding the Vulnerability

The Branch History Injection vulnerability allows attackers to influence the indirect branch predictor, causing it to select a specific entry for an indirect branch. This manipulation can lead to transient execution of unauthorized code, exploiting the branch mispredictions. Despite the presence of hardware mitigations like Enhanced Indirect Branch Restricted Speculation (EIBRS) for Intel and CSV2 for ARM, Spectre v2, also referred to as Spectre-BHB, BHI, or BTI, circumvents these protections by utilizing a branch history buffer (BHB). This method of attack is particularly concerning because it can operate across different security contexts, including user to supervisor mode transitions and virtual machine (VM) guest to host mode transitions.

Mitigation and Impact

To counteract this vulnerability, Microsoft has provided detailed instructions for Windows users on how to enable mitigations through registry edits. While these measures are crucial for protecting against potential breaches, they come with a caution regarding the possibility of performance impacts. Intel has also updated its advisory to include new software techniques developed by VU Amsterdam researchers, aimed at identifying and exploiting disclosure gadgets through BHI. These updates underscore the ongoing efforts by both Microsoft and Intel to address and mitigate the security risks posed by the Branch History Injection vulnerability.

In conclusion, the discovery of the BHI vulnerability in Intel CPUs necessitates immediate action from users and administrators of affected systems. By following the guidance provided by Microsoft and staying informed about further updates from Intel, stakeholders can safeguard their systems against this sophisticated form of cyber threat.

SourceMicrosoft
Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.