Skip to main content

Intel CPU flaw lets hackers leak your data: What to do

(Image credit: ullstein bild Dtl./Getty Images)

Popular Intel processors are vulnerable to an attack that can leak data from a CPU's internal memory. 

Called “Snoop-assisted L1 Data Sampling”,  or just Snoop, the attack can be successfully executed on several Intel CPU models, including Core and Xeon processors.  You can view this list to see if the CPU your laptop or desktop uses is vulnerable. 

The attack was discovered by Pawel Wieczorkiewicz, an Amazon Web Services software engineer, who contacted Intel as soon as he realized the problem. Intel determined that a patch released in August 2018 for the Foreshadow vulnerability could be used to protect against this attack. 

Snoop attack: how it works

Modern processors have multiple levels of cache memory (L1, L2, L3), which is used to store frequently requested data so it can be made immediately available to the CPU when needed. 

Data is stored inside multiple CPU caches and a process called cache coherence updates all the levels when changes are made to the L1D cache, which is used for processing data. This is done through Bus snooping, a method used to keep all the levels up-to-date with the latest changes. 

With the Snoop attack, bad actors can break the bus snooping operation and leak data from the cache coherence process. 

What you can do to protect your PC

Your machine probably isn't vulnerable to Snoop because the majority of processors affected are outdated. However, you'll want to make sure any old machines storing sensitive documents get updated with the Foreshadow patches released in 2018. 

Additionally, disabling the Intel TSX (Transactional Synchronization Extensions) will lower your chances of being hacked, as ZDNet notes. 

Keep in mind, the chances of you getting hacked are pretty low considering how difficult the Snoop attach is to pull off.

"Due to the numerous complex requirements that must be satisfied to successfully carry out, Intel does not believe Snoop Assisted L1 Data Sampling is a practical method in real world environments where the OS is trusted," Intel said.