Intel Layer 1 Terminal Fault (L1TF) “Foreshadow” Virtualised Platform Exploit
What is it?
The security-conscious among you will be well versed in the technicalities of Intel microcode exploits such as Spectre and Meltdown, affecting Intel Core, Celeron, Pentium, Xeon and even Atom CPUs (along with a whole host of AMD-based chips). Ever keen to keep Intel’s security team on their feet, researchers from Belgium, Israel, the USA and Australia have discovered an exploit within Intel’s SGX instruction set. On the 14th August 2018, Intel released information regarding this new variant of side-channel cached-data exploit known as “Foreshadow”, a Layer 1 data cache exploit with the ability to render guest VM data readable to other guests in a virtualised platform that makes use of SGX extensions on an Intel CPU.
There is a difference this time, however: L1TF Foreshadow (referred to as L1TF from here on) only affects Intel CPUs using SGX, and SGX (Software Guard Extensions) is an instruction set only present on Intel’s “Core” line-up of CPUs. So that’s the old trusty Core and Core2 ranges, along with the newer Core i3, i5, i7 and even i9 chips.
Does it affect you?
VooServers’ enterprise-level infrastructure clients and those within our hosted virtual environments will be pleased to know that we do not make use of any “Core” chips from Intel. Our core service backbone and our bespoke enterprise scenarios are comprised solely of Xeon CPUs. As such, there is no scope whatsoever for data breaches utilising this exploit for customers within VooServers’ managed infrastructure.
(There may be a negligible quantity of unmanaged, custom dedicated server customers with aging, legacy hardware that could be affected; however, these are not virtualisation environments and hence should pose no risk to customer data. If you feel you are affected by this, please reach out to our support team at email@example.com.)