A new vulnerability could affect all Intel PCs made after 2012, but a patch is available

What you need to know

  • A vulnerability could allow attackers to access information stored in a system's protected kernel memory.
  • All Windows PCs with an Intel processor built after 2012 are affected.
  • A security patch is available to address the problem and has already rolled out through July's Patch Tuesday.

A newly found vulnerability puts all Windows PCs with an Intel processor built after 2012 at risk (via ZDNet). The side-channel attack can bypass protections that were put in place to protect devices from the Spectre and Meltdown exploits. A bug fix to the issue rolled out as part of July Patch Tuesday. Devices that have delayed the update or that are unsupported are still at risk.

The bug exploits SWAPGS, and as a result has gained the name SWAPGSAttack. If an attacker successfully utilized SWAPGSAttack, they could monitor and steal sensitive information without being noticed or leaving a trace. Bitdefender has a post explaining the vulnerability and has published a whitepaper on it. The post explains how an attack taking advantage of this vulnerability is unique.

The attack is a novel approach of leaking sensitive information from the kernel since it bypasses all known side-channel attack mitigation techniques. This is achieved by abusing the fact that SWAPGS instruction can be executed speculatively. An attacker can force arbitrary memory dereferences in kernel, which leaves traces within the data caches. These signals can be picked-up by the attacker to infer the value located at the given kernel address.

Bogdan Botezatu, director of threat research at Bitdefender, explained in a statement to ZDNet how the vulnerability could be used by an attacker to get sensitive data, including passwords.

It'll go through all of the alphabet letters up until it can infer what your password is. So I can infer information about your password by querying things. I can infer information about encryption keys you have on the device, I can infer information about everything that goes into that cache.

This type of attack is slower than some methods but can be used in situations in which an attacker has a long time.

BitDefender discovered the vulnerability and revealed it at a Black Hat session recently. Black Hat worked with Intel, Microsoft, and others to create the fix that rolled out as part of Patch Tuesday in July.

Portable (and affordable) power accessories we love

Each and every one of these charging gadgets will keep your favorite gear and gadgets going for longer, and none of them costs more than $30.

VisionTek 8,000 mAh micro-USB power bank ($13 at Dell)

This compact dual-output powerbank can speedily recharge any and all your devices, thanks to a two-amp "fast charge feature," using its micro-USB out port. Its simple design includes an LED indicator, and it costs about as much as a single ticket to the movies.

Panasonic eneloop AA batteries (From $13 at Dell)

Panasonic's rechargeable batteries are among the best available, and just a couple of them will keep your favorite remote, mice or other peripherals powered up when you need them. They're also eco. And the company's affordable charger fits and charges both AA and AAA batteries at the same time.

Belkin Qi Wireless Charging Pad ($30 at Dell)

This unobtrusive Qi wireless charging pad looks good (and kind of like a UFO …) and easily charges all your Qi-compatible device up to 5W. Its LED indicator lights up when you're charging. And it costs just $30.

CATEGORIES
Sean Endicott
News Writer and apps editor

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He's covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean's journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.