A new vulnerability that attacks all Windows PCs equipped with an Intel CPU has been discovered. It’s called SWAPGSAttack and it has people worried about the safety of their data. This vulnerability is known to be able to bypass the protections put in place on your device against the infamous Spectre and Meltdown vulnerabilities.
In case I lost you there, don’t worry. Spectre and Meltdown are two well-known system vulnerabilities that affected x86, IBM and even some ARM-based microprocessors. They were deemed dangerous in terms of data security, and over time protective measures were taken to prevent them from being exploited. All was good until SWAPGSAttack was discovered by Bitdefender’s research team.
Regarding this new threat, Microsoft’s advisory says, “An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries”. This means that regardless of how safe you think your data is, it can be accessed. Regarding the preventive measures, the advisory added, “Customers who have Windows Update enabled and applied the security updates are protected automatically”. This means that now would be a good time to let Windows update automatically in order to prevent a data breach.
While the Bitdefender team only deemed it dangerous for devices with Intel chipsets, Red Hat and Microsoft believe that it may affect AMD and even some ARM-based processors as well. The theory behind this is that SWAPGSAttack is, at the end of the day, a type of Spectre. Since Spectre affected all the aforementioned microprocessors, SWAPGSAttack might affect them as well.
For all you nerds out there who would want to know the story behind the weird name of SWAPGSAttack, it’s surprisingly simple. This vulnerability exploits SWAPGS, which happens to be an instruction found in devices with x86/64 CPUs. As you might have guessed, this instruction switches the system to start addressing the protected memory set aside for operating system kernels.
For now, all we can do is hope that Windows provides us with an update or a patch that permanently fixes this problem. While there’s no guarantee that any update can prevent future attacks, we can hope that the developers behind these operating systems can provide speedy fixes to minimize the damage.