Security Software

More Information on Spoiler

On March 1, researchers from Worcester Polytechnic Institute in Worcester, MA and the University of Lübeck in Germany published details and a proof of concept exploit they called SPOILER.

 They demonstrated that a malicious actor with insufficient privileges can gain knowledge of a system's virtual address mapping to physical memory addresses. This information can then be used to facilitate attacks like Rowhammer or classic side channel methods like Prime+Probe. The SPOILER exploit, by itself, does not reveal secret data, and is not a speculative execution side channel method.

 After careful assessment, Intel has determined that existing kernel protections, like KPTI, reduce the risk of leaking data across privilege levels. Combined with side channel safe software development practices, like ensuring execution time and control flows are identical regardless of secret data, these protections mitigate classic side channel methods enabled by the SPOILER exploit. Additionally, DRAM modules that are mitigated against Rowhammer style attacks remain protected regardless of the SPOILER exploit.


Was this article helpful?YesNo
0% of users found this helpful

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software, or service activation. Performance varies depending on system configuration. Check with your system manufacturer or retailer or learn more at www.intel.com.

All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps.

Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors.

Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more complete information visit www.intel.com/benchmarks.

Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available​ updates.

The products and services described may contain defects or errors known as errata which may cause deviations from published specifications. Current characterized errata are available on request.

Intel provides these materials as-is, with no express or implied warranties.

No product or component can be absolutely secure.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.

*Other names and brands may be claimed as the property of others.

Copyright Intel Corporation 2020.