What are the Intel Foreshadow flaws and how can I protect my PC?

If you follow tech news, you may have heard about the latest flaws in Intel’s processor architecture nicknamed Foreshadow. Is Foreshadow anything to worry about? Do you need to do anything more to protect your PC? The computer experts here at Dave’s Computers in New Jersey are here to answer your questions.

What are the Intel Foreshadow flaws?

The Intel Foreshadow flaw is another version of the Spectre and Meltdown issues that were in the headlines over the past year. They involve the processor’s speculative execution system that enables the CPU to line up the data require for the next task ahead of time.

Foreshadow attacks Intel’s Software Guard Extensions (SGX) feature. This feature provides what were thought to be secure data caches on the processor not accessible by programs. It works in the same way as those two other issues, by utilizing speculative execution.

In speculative execution, a processor lines up the data it thinks it might need to run next and preemptively executes it to save time. If the processor gets it right, the hard work has already been done, the processor already knows the results and can move on to the next task. If the processor gets it wrong, it drops the results and begins anew.

The flaws can theoretically access this data gathered ahead of time and can request sensitive data using this method. Even data being cached at L1 of your processor, which was thought to be secure, can in theory be accessed. Foreshadow is one flaw that can allow programs to access this data.

Am I at risk of the Intel Foreshadow flaws?

In theory, everyone who uses an Intel processor bought in the past few years will be vulnerable. However, it is very difficult for a hacker to pull this off and requires they install software onto your computer in order to send the processor the requests. If you keep Windows up to date, use a good quality antivirus and malware scanner and run them regularly, you should be fine.

For extra protection, be careful when downloading from the internet, don’t open email attachments unless you know who they are from and scan everything you download before opening.

If you are concerned about what you’re hearing about the Intel Foreshadow flaws, keep Windows updated, or Mac OS if you use an Intel Mac, update your motherboard BIOS if there is an update and make sure your antivirus and malware scanners are always running in the background.

While this is a theoretical attack vector for all computers that use Intel processors, it is actually extremely difficult to pull off. A specific set of circumstances need to happen in order to allow someone access to these flaws. If you follow good computer and internet hygiene, it shouldn’t happen to you.

If you have any concerns about the Intel Foreshadow flaws, the computer repair guys at Dave’s Computers in New Jersey can help. Bring your computer to our store and we will see what we can do!