A New Intel CPU Exploit which uses Hyper-threading to steal encrypted data

A New Intel CPU Exploit : As if the Intel CPU couldn’t catch a break. A team of researches discovered a serious side-channel vulnerability in the CPU which could allow the attacker to find protected data like OPENSSL keys, Cypto Keys, Passwords and other processes that are running but only if the CPU has multi-threading feature enabled. They have dubbed the Vulnerability PortSmash (CVE-2018-5407), This Vulnerability is just as dangerous as the Meltdown and Spectre, TLbleed and Foreshadow.

So how do you protect yourself for the PortSmash vulnerability? The only method right now is to disable SMT/Hyper-Threading in the CPU chip’s BIOS until Intel releases security patches.

OpenSSL software is offering users a patch that can prevent the exploit from its own software.

Leave a Comment