New SWAPGS vulnerability impacts CPUs of Windows systems
- SWAPGS is a speculative-execution vulnerability, which could allow attackers to read data from kernel memory.
- Reported as CVE-2019-1125, the flaw is said to affect all CPUs manufactured by Intel from 2012.
A new Spectre-like vulnerability affecting processors in Windows-based machines has been unearthed by security researchers. Dubbed as ‘SWAPGS’, the flaw is a speculative-execution vulnerability which is said to be impacting CPUs made by both Intel and AMD. The flaw was discovered by researchers from Bitdefender. According to the researchers, SWAPGS can be exploited through side-channel attacks, and allows attackers to access privileged data in the machine.
- Tracked as CVE-2019-1125, SWAPGS is said to affect CPUs manufactured by both Intel and AMD. However, AMD said that its processors are not impacted by the flaw.
- Bitdefender researchers have published a whitepaper which details a side-channel attack to SWAPGS flaw. The attack leverages the SWAPGS instruction that is found in 64-bit CPUs and can be exploited to give access to sensitive information from kernel memory.
- SWAPGS flaw is similar to the Spectre vulnerability, which is also based on speculative-execution.
- It is believed that Linux-based systems are also impacted by the flaw.
Vendors acknowledge the flaw
Microsoft, Intel, and Red Hat have all released security advisories regarding SWAPGS flaw. While Red Hat fixed products affected with SWAPGS flaw with the release of software updates, Microsoft patched this in its July 2019 update.
Gavin Hill, Vice President, Datacenter and Network Security Products at Bitdefender suggests that attackers could compromise very sensitive information by exploiting SWAPGS.
“Criminals with knowledge of these attacks would have the power to uncover the most vital, best-protected information of both companies and private individuals around the world, and the corresponding power to steal, blackmail, sabotage and spy,” Hill told Forbes.