Blog icon

15 August 2018 News Release

The vulnerability affects Intel's Software Guard Extension (SGX) technology, a new feature in modern Intel CPUs which allows computers to protect users' data in a secure 'fortress' even if the entire system falls under an attacker's control.

The two teams that independently and concurrently discovered Foreshadow have published a report on the vulnerability, which causes the complete collapse of the SGX ecosystem and compromises users' data.

"SGX can be used by developers to enable secure browsing to protect fingerprints used in biometric authentication, or to prevent content being downloaded from video streaming services," Dr Yuval Yarom from CSIRO's Data61 and the University of Adelaide's School of Computer Science said.

"Foreshadow compromises the confidentiality of the 'fortresses', where this sensitive information is stored and once a single fortress is breached, the whole system becomes vulnerable."

The researchers reported these findings to Intel earlier this year, and the company's own analysis into the causes of the vulnerability led to the discovery of a new variant of Foreshadow, called Foreshadow-NG which affects nearly all Intel servers used in cloud computing.

Foreshadow-NG is theoretically capable of bypassing the earlier fixes introduced to mitigate against Meltdown and Spectre, potentially re-exposing millions of computers globally to attacks.

"The SGX feature is widely used by developers and businesses globally, and this opens them up to a data breach that can potentially affect their customers as well," Dr Yarom said.

"Intel will need to revoke the encryption keys used for authentication in millions of computers worldwide to mitigate the impact of Foreshadow.

"Intel's discovery of the Foreshadow-NG variant is even more severe but will require further research to gauge the full impact of the vulnerability."

Intel has since released patches, updates and guidelines to resolve both Foreshadow and Foreshadow-NG.

Researchers have not yet tested if similar flaws exist in processors of other manufacturers.

Adrian Turner, CEO of CSIRO's Data61, said this is a significant discovery that shows the far-reaching impact of Meltdown and Spectre and reinforces the role of research for discovering and preventing flaws.

"Experts like Dr Yarom play a vital role in finding vulnerabilities, responsibly disclosing them and developing trustworthy systems to keep critical infrastructure secure," Mr Turner said.

"Data61 has also joined the RISC-V Foundation's security task group which aims to prevent the likes of Meltdown and Spectre from occurring again."

The two teams that discovered Foreshadow include:

Jo Van Bulck, Frank Piessens, Raoul Strackx (imec-DistriNet, KU Leuven) Marina Minkin, Mark Silberstein (Technion), Ofir Weisse, Daniel Genkin, Baris Kasikci, Thomas F. Wenisch (University of Michigan), Yuval Yarom (CSIRO's Data61 and University of Adelaide)

For Australians concerned about security, more information on how to be protected can be found at: Foreshadow

Contact us

Find out how we can help you and your business. Get in touch using the form below and our experts will get in contact soon!

CSIRO will handle your personal information in accordance with the Privacy Act 1988 (Cth) and our Privacy Policy.


This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

First name must be filled in

Surname must be filled in

I am representing *

Please choose an option

Please provide a subject for the enquriy

0 / 100

We'll need to know what you want to contact us about so we can give you an answer

0 / 1900

You shouldn't be able to see this field. Please try again and leave the field blank.