Intel addressed a report from security researchers that its SGX security platform can be breached.

The chipmaker issued an advisory to address the claims from Positive Technologies that its team was able to extract both the Root Provisioning Key and Root Sealing Key from Intel processors via hardware access.

SGX is the key component of the secure enclave system that Intel uses to isolate processes from one another at the hardware level. Should an attacker be able to steal those keys, they would essentially have unfettered access to all other processes running on the system, including those operating at root level.

Intel, however, sought to tamp down any panic from the reports, claiming that the described attack is nowhere near as menacing as it seems.

“The external parties mentioned are running tests on systems they have physical access to, which are not up to date with the latest mitigations and are not properly configured with Intel recommended Flash Descriptor write protection (which occurs as part of end of manufacturing by system manufacturers),” the advisory read.

“Researchers are using previously mitigated vulnerabilities dating as far back as 2017 to gain access to what we call an Intel Unlocked state (aka ‘Red Unlocked’) so these findings are not surprising.”

Intel also noted that in this case the researchers were only able to retrieve the keys in their encrypted state, not as plain text. This would leave any attacker with plenty of extra work in order to complete their system compromise.

Fortunately, the chipmaker said there is an easy enough remedy. System vendors can protect against the attacks by using the latest firmware builds and updates, while admins can protect themselves by making sure their systems are fully updated and have the Intel Firmware Version control.

Hardware-level attacks are often seen as a sort of holy grail for hackers, as they allow for not only complete control over the target machine, but also persistence to overcome updates and reinstallations.

Fortunately, such attacks are highly difficult to come by, and many either require direct access to the system or take impractically long periods of time to complete.
Intel claps back at report of SGX key theft