Hardware changes in chips shipping later this year aim to replace performance-draining software patches
Intel has said it plans to ship new processors that contain hardware fixes for the Meltown and some variants of the Spectre attacks disclosed earlier this year, in a move that could save users from having to rely on performance-impeding software fixes.
Separately, Microsoft said it plans to run a limited-time bug bounty programme this year offering hundreds of thousands of dollars for bugs similar to Meltdown and Spectre, saying it recognised such issues are a “new class of vulnerability”.
The next generation of Xeon Scalable Processors, ‘Cascade Lake’, and a range of 8th generation Core chips containing the fixes will ship in the second half of this year, Intel said.
The bugs allow malicious code to read from protected kernel memory, in the case of Meltdown, or other applications’ memory, in the case of Spectre, enabling them to steal sensitive information such as passwords.
The new hardware protects against Version 2 of the Spectre attacks, but not Version 1, which will continue to need software fixes, Intel said. Version 1 affects applications that use security-protected sandboxes for running potentially dangerous code.
Current protections against Spectre Version 2 involve both operating system alterations and processor microcode fixes.
The Meltdown attack is currently fixed in software patches, but these may make some chips run significantly more slowly. The upcoming hardware will make it unnecessary to use those software patches, Intel said.
The company said it has redesigned its chips to introduce a partitioning system that prevents the types of data leaks involved in the Meltdown and Spectre type of attacks.
“Think of this partitioning as additional ‘protective walls’ between applications and user privilege levels to create an obstacle for bad actors,” Intel chief executive Brian Krzanich said.
Krzanich said Intel has now released microcode updates for all of its chips launched in the past five years that are vulnerable to Meltdown and Spectre. The microcode is available from operating system and motherboard makers.
Intel didn’t release further technical details of its hardware redesign.
Microsoft said its bug bounty programme, which is planned to run until the end of this year, would pay for speculative execution side-channel exploits similar to Meltdown and Spectre.
The company said its programme aims “to encourage research into the new class of vulnerability and the mitigations Microsoft has put in place to help mitigate this class of issues”.
Microsoft said it will pay up to $250,000 (£179,000) for a “Tier 1” speculative execution attack, as well as up to $200,000 for a “Tier 2” Azure mitigation bypass or a “Tier 3” Windows mitigation bypass.
Researchers will be awarded up to $25,000 for vulnerabilities in Windows 10 or Microsoft Edge. Such bugs must “enable the disclosure of sensitive information across a trust boundary”, Microsoft said.
“Speculative execution side channel vulnerabilities require an industry response,” said Phillip Misner, principal security group manager at the Microsoft Security Response Center, in a prepared statement. “To that end, Microsoft will share, under the principles of coordinated vulnerability disclosure, the research disclosed to us under this programme so that affected parties can collaborate on solutions to these vulnerabilities.”
Do you know all about security? Try our quiz!