Intel Downfall: Severe flaw in billions of CPUs leaks passwords, more

There is a serious security flaw in billions of Intel CPUs that can let attackers steal confidential data like passwords and encryption keys. Firmware updates can fix it, but at a potential significant performance loss.

Well this is bad. “Downfall” is the name Daniel Moghimi, a security expert at Google, has given to a new vulnerability he has discovered in several generations of Intel processors. Attackers can exploit the vulnerability and read data from other programs and memory areas. The vulnerability has already been reported as CVE-2022-40982 and Intel confirmed the flaw here .

Moghimi reported the vulnerability to Intel on August 24, 2022, but only made the vulnerability public today so that Intel had time to release microcode updates that can fix the vulnerability.

Update: Intel’s Downfall was closely followed by AMD’s Inception, a newfound security hole affecting all Ryzen and Epyc processors. We’ve included details at the end of this post.

https://www.pcworld.com/article/2025589/downfall-serious-security-vulnerability-in-billions-of-intel-cpus-how-to-protect-yourself.html

Uh-oh! It looks like you're using an ad blocker.

Our website relies on ads and the generous support of readers like you to keep delivering free, high-quality content. Right now, we are facing serious funding challenges and we need your help more than ever. Disable your ad blocker and this message will vanish. You can also sign up for a membership to enjoy an ad-free experience while supporting our work: https://citizenwatchreport.com/plans/subscriptions/ Your support helps us stay independent, continue our work, and keep content free for everyone. We truly appreciate your understanding and thank you for standing with us.