Since the discovery of Spectre and Meltdown, Intel has been working on improving hardware-level security safeguards for future CPUs. We'll start to see these new security measures in action with the launch of “Tiger Lake” mobile processors, which will include Intel Control-Flow Enforcement Technology.
The need for good cyber security is increasing each day, as millions of attacks happen all over the world. These attacks include social engineering tactics, such as phishing, while others include security exploits and malware. This week, Intel announced its new CPU-level security safeguards to protect against common malware threats. Control-Flow Enforcement Technology, or CET for short, is “designed to protect against the misuse of legitimate code through control-flow hijacking attacks – widely used techniques in large classes of malware.”
Image credit: Intel
“As more proactive protections are built into the Windows OS, attackers are shifting their efforts to exploit memory safety vulnerabilities by hijacking the integrity of the control flow,” said David Weston, director of Enterprise and OS Security at Microsoft. “As an opt-in feature in Windows 10, Microsoft has worked with Intel to offer hardware-enforced stack protection that builds on the extensive exploit protection built into Windows 10 to enforce code integrity as well as terminate any malicious code.”
Intel has previously received complaints about its products not being safe due to many vulnerabilities being found – some said to be impossible to fix. Other security flaws made it possible to steal data through altering the CPU voltage and frequency. However, as of recently Intel has been increasingly dedicated to patching and fixing as many security flaws as possible.
Additional information about how Intel CET works can be found HERE.
Kitguru says: Cyber security is key in this day and age. How much do you consider security when buying a new device?