The issue affects PCs, laptops and servers

Scientists in Switzerland have discovered a new vulnerability in Intel processors related to the command prediction function. This technology allows computers to speed up by predicting what actions need to be performed next. But it is this very same vulnerability that has caused yet another security problem.

The vulnerability was discovered by specialists from the COMSEC group at ETH Zurich. According to them, it can be used by an attacker to gain access to another user’s data if both are using the same processor. This is especially relevant for cloud services, where many clients work on the same equipment.

The error is called BPRC and occurs at the processor level in those split seconds when it switches between user tasks with different access levels. With a certain sequence of actions, this allows access to data stored in temporary memory – cache and RAM.

The attack does not work immediately – you can only get one byte of information at a time, but the procedure can be repeated quickly and read memory at a speed of up to 5000 bytes per second. This means that with enough time, the entire volume of data can be extracted.

The problem was discovered back in September 2024. Intel has already started implementing protective measures through BIOS and operating system updates. However, researchers believe that the architecture of processors with speculative execution function itself remains vulnerable and requires deep reworking.

Source: Tech Xplore

Spread the love