Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
G.Skill TridentZ 5 RGB 6800 MHz CL34 DDR5 review
Be Quiet! Dark Power 13 - 1000W PSU Review
Palit GeForce RTX 4080 GamingPRO OC review
Core i9 13900K DDR5 7200 MHz (+memory scaling) review
Seasonic Prime Titanium TX-1300 (1300W PSU) review
F1 2022: PC graphics performance benchmark review
MSI Clutch GM31 Lightweight​ (+Wireless) mice review
AMD Ryzen 9 7900 processor review
AMD Ryzen 7 7700 processor review
AMD Ryzen 5 7600 processor review

New Downloads
CPU-Z download v2.04
Intel ARC graphics Driver Download Version: 31.0.101.4090
AMD Radeon Software Adrenalin 23.1.2 (RX 7900) download
GeForce 528.24 WHQL driver download
Display Driver Uninstaller Download version 18.0.6.0
Download Intel network driver package 27.8
ReShade download v5.6.0
Media Player Classic - Home Cinema v2.0.0 Download
HWiNFO Download v7.36
MSI Afterburner 4.6.5 (Beta 4) Download


New Forum Topics
AMD Fluid Motion feature? AMD Polaris (RX 400/500) users unable to play Forspoken AMD Ryzen 7000X3D is not overclockable, however will support for PBO 2 and the Curve Optimizer Possible implementation of video card led control The Samsung Galaxy S23 is rumored to cost an additional 150 Euros (+specs) Intel Shares Fourth-Quarter and Full-Year 2022 Financial Results NVIDIA GeForce 528.24 WHQL driver download & Discussion Fine Utilise Power of RadeonPRO Software & SweetFX Part 2 Performance for Free: Unlocking Resizable Bar for unsupported AMD GPUs (Polaris, VEGA, Radeon VII) Forspoken implements Microsoft's DirectStorage API, offers faster load times but lowers frame rate




Guru3D.com » News » Intel CET Answers Call to Protect Against Common Malware Threats

Intel CET Answers Call to Protect Against Common Malware Threats

by Hilbert Hagedoorn on: 06/15/2020 03:27 PM | source: | 2 comment(s)
Intel CET Answers Call to Protect Against Common Malware Threats

Intel are announcing a new security capability. Intel Control-Flow Enforcement Technology (Intel CET) will be first available on Intel's upcoming mobile processor code-named "Tiger Lake." Intel CET delivers CPU-level security capabilities to help protect against common malware attack methods that have been a challenge to mitigate with software alone.

Intel CET is designed to protect against the misuse of legitimate code through control-flow hijacking attacks – widely used techniques in large classes of malware. Intel CET offers software developers two key capabilities to help defend against control-flow hijacking malware: indirect branch tracking and shadow stack. Indirect branch tracking delivers indirect branch protection to defend against jump/call-oriented programming (JOP/COP) attack methods. Shadow stack delivers return address protection to help defend against return-oriented programming (ROP) attack methods. These types of attack methods are part of a class of malware referred to as memory safety issues, and include tactics such as the corruption of stack buffer overflow and use-after-free. For technical details, see A Technical Look at Intel’s Control-Flow Enforcement Technology.

According to TrendMicro’s Zero Day Initiative (ZDI), 63.2% of the 1,097 vulnerabilities disclosed by ZDI from 2019 to today were memory safety related. These malware types target operating systems (OS), browsers, readers and many other applications. It takes deep hardware integration at the foundation to deliver effective security features with minimal performance impact.

Intel was the first to tackle these complex security challenges, and we remain committed to working with the industry to drive security innovation. We recognized that scaling OS and application adoption to truly solve the problem would require industrywide collaboration. To accelerate adoption, we published the Intel CET specifications in 2016. Additionally, Intel and Microsoft have been working closely to prepare Windows 10 and developer tools so applications and the industry at large can offer better protection against control-flow hijacking threats.

“As more proactive protections are built into the Windows OS, attackers are shifting their efforts to exploit memory safety vulnerabilities by hijacking the integrity of the control flow,” said David Weston, director of Enterprise and OS Security at Microsoft. “As an opt-in feature in Windows 10, Microsoft has worked with Intel to offer hardware-enforced stack protection that builds on the extensive exploit protection built into Windows 10 to enforce code integrity as well as terminate any malicious code.”

Intel CET

» Click for full image

Microsoft’s upcoming support for Intel CET in Windows 10 is called Hardware-enforced Stack Protection, and a preview of it is available today in Windows 10 Insider Previews. This new Hardware-enforced Stack Protection feature only works on chipsets with Intel CET instructions. It relies on a new CPU architecture that is compliant with Intel CET specifications. For applications running on an OS that supports Intel CET, users can expect detailed guidance from our partners on how applications “opt-in” for protection.

The significance of Intel CET is that it is built into the microarchitecture and available across the family of products with that core. While Intel vPro® platforms with Intel® Hardware Shield already meet and exceed the security requirements for Secured-core PCs, Intel CET further extends advanced threat protection capabilities. Intel CET is also expected to be available in future desktop and server platforms.

As our work here shows, hardware is the bedrock of any security solution. Security solutions rooted in hardware provide the greatest opportunity to provide security assurance against current and future threats. Intel hardware, and the added assurance and security innovation it brings, help to harden the layers of the stack that depend on it.

The security of our products is an ongoing priority, not a one-time event. Together with our partners and customers, we continue to build a more trusted foundation for all computing systems.

Tom Garrison is vice president of the Client Computing Group and general manager of Security Strategies and Initiatives (SSI) at Intel Corporation.



Intel CET Answers Call to Protect Against Common Malware Threats




« Review: Crucial Ballistix Gaming DDR4 3200 MHz 64 GB (4x 16GB) · Intel CET Answers Call to Protect Against Common Malware Threats · ASUS announces RT-AX86U and RT-AX82U gaming routers »

Related Stories

Video from Intel CEO Bob Swan to COMPUTEX: did Intel give up on benchmarks? - 06/03/2020 08:46 AM
In what is a rather long, and at some points baffling to hear video posted by CEO Bob Swan in  Computex video, Intel pretty much gave up on benchmarks, as people should focus more on the 'platform...

Intel CEO confirms 7nm CPUs in 2021 - 07/18/2019 02:26 PM
Intel CEO Bobert Swan announced on the Intel 2019 Investors Day that their 7nm CPUs will appear 2021. He also talked a bit about the actual delay....

Intel CEO Krzanich Resigns After Relationship With Employee - 06/21/2018 04:16 PM
So yes, it's kind of a vulnerability to the man, isn't it? CEO Krzanich steps down as chief executive officer after the chipmaker learned he had previously had a "consensual relationship with...

Intel CEO Outlines Future of Computing - 01/07/2015 10:15 AM
Intel announced a number of technology advancements and initiatives aimed at accelerating computing into the next dimension. The announcements include the Intel Curie module, a button-sized hardware p...

Shuttle releases Slim PC with Integrated Intel Celeron 847 Processor - 08/01/2013 08:22 AM
Shuttle today announces the Europe-wide delivery of a Slim PC with Intel Celeron 847 processor. The machine, marketed under the name DS47, is approximately 39 mm thin. Due to its robust exterior, it i...


anticupidon



Posts: 7057
Joined: 2008-03-06

#5799690 Posted on: 06/15/2020 03:38 PM
Intel, start with practising what you preach.
Give us the possibility of seeing the actual code of the Intel Management Engine or at least the real possibility to switch it off completely.
Oh wait, IME is not malware, it just acts like it. It's not a bug, it's a feature - is not funny anymore.

asturur
Senior Member



Posts: 1299
Joined: 2010-05-12

#5799742 Posted on: 06/15/2020 06:30 PM
i think IME is a full other OS basically, has a full TCP/IP stack too.

And on top of this, how much this protection cost in term of performances for application that opts in?

Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2023