Foreshadow is a new major vulnerability discovered for the company's processors Intel, a group of researchers from universities in Belgium and the USA discovered that the problems of the Americans are not over yet. According to these computer security researchers, the Foreshadow vulnerability exists even in processors released after 2015 by those from Intel, and for the first time it also affects servers used in the cloud infrastructure, or virtual machines.
Foreshadow is officially recognized by the Intel company, which published on its website a list of processors that are affected by this major vulnerability, the third after Meltdown and Spectre. Just like the vulnerabilities before it, Foreshadow allows the theft of data from the computers of users who would not even know that hackers have exploited their operating system in any way, and there are currently no protection measures.
Foreshadow: New CRITICAL VULNERABILITY of Intel Processors
Foreshadow would not have been exploited by any hacker group until now, or at least that's what the Intel company says, which claims that it hasn't found any evidence that this happened. Intel has been notified since January about the Foreshadow vulnerability, so when it announced the world about Meltdown and Spectre, but until now it has avoided providing any official information about this problem, even though the 8th generation processors are affected.
"Foreshadow is a speculative execution attack on Intel processors which allows an attacker to steal sensitive information stored inside personal computers or third party clouds. Foreshadow has two versions, the original attack designed to extract data from SGX enclaves and a Next-Generation version which affects Virtual Machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory .”
Foreshadow is a vulnerability whose attack method is different from those used for Meltdown and Spectre, and the security measures implemented at least to block Meltdown are not able to stop it. In this idea, Windows, macOS, Linux, and the rest of the operating systems will need new patches to block Foreshadow as well, but considering how long it took to block Meltdown and Specter, no one knows how long it will be needed now.
