Security Software

More information on SWAPGS and Speculative only Segment Loads

On August 6, 2019, researchers at BitDefender* published details on two issues they reported to both Intel and Microsoft* as part of coordinated vulnerability disclosure (CVD).

SWAPGS

Researchers from BitDefender published a paper entitled, "Bypassing KPTI Using the Speculative Behavior of the SWAPGS Instruction." This information disclosure vulnerability can be used to speculatively access memory, potentially allowing a malicious actor to read privileged data across trust boundaries.

After assessing this issue with industry partners, we determined that the best mitigation would be at the software layer. Microsoft agreed to coordinate remediation efforts, working with the researchers and other industry partners. Microsoft released their software update to address this issue in July 2019 and today published their security advisory as part of the CVD process. 

Some Linux* OS vendors may elect to release updates for their products. Please check with your Linux OS vendor for details.

Speculative only Segment Loads

Researchers from BitDefender also published a paper entitled, "Security Implications Of Speculatively Executing Segmentation Related Instructions On Intel CPUs." Intel expects, as stated in the paper, that the exploits described by the researchers are addressed through the use of existing mitigation techniques.

We believe strongly in the value of coordinated disclosure and value our partnership with the research community. As a best practice, we continue to encourage everyone to keep their systems up-to-date.


Was this article helpful?YesNo
0% of users found this helpful

Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software, or service activation. Performance varies depending on system configuration. Check with your system manufacturer or retailer or learn more at www.intel.com.

All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps.

Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors.

Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more complete information visit www.intel.com/benchmarks.

Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available​ updates.

The products and services described may contain defects or errors known as errata which may cause deviations from published specifications. Current characterized errata are available on request.

Intel provides these materials as-is, with no express or implied warranties.

No product or component can be absolutely secure.

Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries.

*Other names and brands may be claimed as the property of others.

Copyright Intel Corporation 2020.