Intel: BranchScope vulnerability does not require new patches

Posted on Wednesday, March 28 2018 @ 13:42 CEST by Thomas De Maesschalck

Earlier this week, I reported about new branch prediction vulnerabilities that were discovered by an international team of university researchers. In a statement to The Register, Intel commented that BranchScope is most likely covered by existing software mitigations for previously known side channel exploits.

Additionally, Intel also responded to the discovery of a vulnerability pertaining to the Intel SGX. There was some buzz about a flaw in Intel SGX that could allow criminals to stealthily steal Bitcoins, but Intel claims it's nothing new:

Intel characterised the presentation and the paper (PDF) describing it as a known method, described here,and re-heated to consider Bitcoin.

“This presentation describes a previously known method to recover an RSA key from an enclave containing RSA crypto code that is vulnerable to a side channel exploit,” an intel spokesperson said. “This can be prevented by SGX application developers through utilization of an appropriate side channel attack-resistant crypto implementation inside the enclave.” Intel pointed us

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments

Share this story!