Intel CPU侧信道漏洞Foreshadow/L1TF

2018-08-16 10:42:10
漏洞曝光时间:2018-08-16漏洞风险程度:高危漏洞曝光程度:已经公开受漏洞影响软件以及版本: Intel Xeon Processor Scalable Family 0Intel Xeon Processor E7 v4 Family 0Intel Xeon Processor E7 v3 Family 0Intel Xeon Processor E7 v2 Family 0Intel X
漏洞曝光时间:2018-08-16
漏洞风险程度:高危
漏洞曝光程度:已经公开
受漏洞影响软件以及版本:

Intel Xeon Processor Scalable Family 0
Intel Xeon Processor E7 v4 Family 0
Intel Xeon Processor E7 v3 Family 0
Intel Xeon Processor E7 v2 Family 0
Intel Xeon Processor E7 Family 0
Intel Xeon Processor E5 v4 Family 0
Intel Xeon Processor E5 v3 Family 0
Intel Xeon Processor E5 v2 Family 0
Intel Xeon Processor E5 Family 0
Intel Xeon Processor E3 v6 Family 0
Intel Xeon Processor E3 v5 Family 0
Intel Xeon Processor E3 v4 Family 0
Intel Xeon Processor E3 v3 Family 0
Intel Xeon Processor E3 v2 Family 0
Intel Xeon Processor E3 Family 0
Intel Xeon Processor D-2100 0
Intel Xeon Processor D-1500 0
Intel Xeon processor 7500 series 0
Intel Xeon processor 6500 series 0
Intel Xeon processor 5600 series 0
Intel Xeon processor 5500 series 0
Intel Xeon processor 3600 series 0
Intel Xeon processor 3400 series 0
Intel Virtual Machine Manager (VMM) 0
Intel System Management Mode (SMM) 0
Intel Software Guard Extensions (SGX) 0
Intel Operating System (OS) 0
Intel Core X-series Processor Family for Intel X99 platforms 0
Intel Core X-series Processor Family for Intel X299 platforms 0
Intel Core M processor family 0
Intel Core i7 processor 0
Intel Core i5 processor 0
Intel Core i3 processor 0
Intel 8th generation Core processors 0
Intel 7th generation Core processors 0
Intel 6th generation Core processors 0
Intel 5th generation Core processors 0
Intel 4th generation Core processors 0
Intel 3rd generation Core processors 0
Intel 2nd generation Core processors 0

受漏洞影响操作系统以及版本:

Microsoft Windows Server 2012 R2 0
Microsoft Windows Server 2012 0
Microsoft Windows Server 2008 R2 for x64-based Systems SP1
Microsoft Windows Server 2008 for x64-based Systems SP2
Microsoft Windows Server 2008 for 32-bit Systems SP2
Microsoft Windows Server 1803 0
Microsoft Windows Server 1709 0
Microsoft Windows Server 2016
Microsoft Windows RT 0
Microsoft Windows 8.1 for x64-based Systems 0
Microsoft Windows 8.1 for 32-bit Systems 0
Microsoft Windows 7 for x64-based Systems SP1
Microsoft Windows 7 for 32-bit Systems SP1
Microsoft Windows 10 Version 1803 for x64-based Systems 0
Microsoft Windows 10 Version 1803 for 32-bit Systems 0
Microsoft Windows 10 version 1709 for x64-based Systems 0
Microsoft Windows 10 version 1709 for 32-bit Systems 0
Microsoft Windows 10 version 1703 for x64-based Systems 0
Microsoft Windows 10 version 1703 for 32-bit Systems 0
Microsoft Windows 10 Version 1607 for x64-based Systems 0
Microsoft Windows 10 Version 1607 for 32-bit Systems 0
Microsoft Windows 10 for x64-based Systems 0

缓解或修复方案:
暂无
漏洞描述:

英特尔周二在官方网站上披露自家CPU发现安全漏洞,漏洞被称为L1TF,或者L1 Terminal Fault。

从个人电脑的Core(酷睿)到服务器上的Xeon(至强),都受到影响,黑客可能会利用这些漏洞来窃取信息。

攻击利用点,对普通用户影响较小,对企业服务器威胁较大。Intel官方表示会推出安全更新来降低风险,目前还未接到漏洞被利用的情况。腾讯智慧安全将会密切关注有关该漏洞的进一步消息,及时推送安全更新,防止漏洞被攻击者利用。有关该漏洞的更多消息,可参考Intel官方公告:https://www.intel.com/content/www/us/en/architecture-and-technology/l1tf.html

漏洞原文地址:https://www.bleepingcomputer.com/news/security/researchers-disclose-new-foreshadow-l1tf-vulnerabilities-affecting-intel-cpus/

最新资讯