There is a serious security flaw in billions of Intel CPUs that can let attackers steal confidential data like passwords and encryption keys. Firmware updates can fix it, but at a potential significant performance loss.
Well this is bad. “Downfall” is the name Daniel Moghimi, a security expert at Google, has given to a new vulnerability he has discovered in several generations of Intel processors. Attackers can exploit the vulnerability and read data from other programs and memory areas. The vulnerability has already been reported as CVE-2022-40982 and Intel confirmed the flaw here .
Moghimi reported the vulnerability to Intel on August 24, 2022, but only made the vulnerability public today so that Intel had time to release microcode updates that can fix the vulnerability.
Update: Intel’s Downfall was closely followed by AMD’s Inception, a newfound security hole affecting all Ryzen and Epyc processors. We’ve included details at the end of this post.