Bogdan Botezatu, director of threat research at BitDefender, leans across the table in a hotel lobby coffee shop to make his point. "When you're a CISO, there is no single of vulnerability you're aware of that doesn't keep you awake at night." The new vulnerability his team of researchers found — the vulnerability they will reveal in a press conference this evening — is one that he says should definitely contribute to CISO insomnia.
The new vulnerability, dubbed SWAPGS by the BitDefender research team, is a speculative execution vulnerability that Botezatu says is similar in some respects to Spectre and Meltdown. "What we have done is to manipulate this instruction called SWAPGS in order to sample information from the realm of the operating system memory into the user space," he explains.
SWAPGS is an instruction that swaps the contents of a particular register with the contents of a specific memory location. The instruction is defined as a privileged instruction that should be available only to system software, such as a hypervisor. One of the things that makes the instruction dangerous when exploited is that it can provide rapid access to certain data structures used by the operating system kernel.
When the instruction is manipulated, Botezatu says, "This can lead to all sorts of trouble like leaking out information about passwords, encryption, keys, tokens, authentication, cookies, and other sensitive information that goes through the processor."
Like many of the other speculative execution exploits that have been found, SWAPGS doesn't allow the attacker to manipulate the data being stored in the memory location — it only a ..
Support the originator by clicking the read the rest link below.
