View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 15, 2018updated 16 Aug 2018 12:03pm

VMware Security Update Tackles Intel Spectre Variant Foreshadow

The company has released a slew of security updates impacting vSphere, Fusion, and more

By CBR Staff Writer

VMware has released a security update which includes mitigation’s for Foreshadow, Intel’s latest silicon security problem.

On Tuesday, the Dell subsidiary said in a security advisory that Foreshadow, otherwise known as the L1 Terminal Fault, could be exploited to obtain sensitive information from victim machines.

Foreshadow, CVE-2018-3615, springs from design faults found in today’s modern CPUs, and follows Intel’s Spectre and Meltdown vulnerabilities.

The vulnerability was uncovered in modern Intel CPUs which utilize Software Guard Extensions (SGX), which are meant to protect data from being viewed, edited, or exfiltrated, even should a system otherwise fall under an attacker’s control.

However, SGX contains design problems which leave it as open to speculative execution attacks as Meltdown and Spectre.

“Making things worse, due to SGX’s privacy features, an attestation report cannot be linked to the identity of its signer. Thus, it only takes a single compromised SGX machine to erode trust in the entire SGX ecosystem.” according to the researchers who found the vulnerability.

To make matters worse, two other variants which impact microprocessors, operating systems and Hypervisor software were then uncovered. These speculative execution side channel vulnerabilities, discovered by Intel, impact VMware software in a big way.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

Short video from Red Hat that explains L1TF  in 3 Minutes:

Potential to Disrupt

The first vulnerability which has the potential to disrupt VMware services running on Intel chips is CVE-2018-3646. Issued a CVSS score of 7.1, the bug is described as a means for attackers to access information in the L1 data cache without permission.

If an attacker has local user access with guest OS privileges, they are able to exploit speculative execution practices in processors — a technique designed to give our systems a speed boost — in order to cause a terminal page fault and access the cache.

“This issue may allow a malicious VM running on a given CPU core to effectively read the Hypervisor’s or another VM’s privileged information that resides sequentially or concurrently in the same core’s L1 Data cache,” the company says.

The security problem impacts VMware vCenter Server (VC), VMware vSphere ESXi (ESXi), VMware Workstation Pro / Player (WS), VMware Fusion Pro / Fusion (Fusion),

In addition, VMware has also released mitigations for CVE-2018-3620, the second vulnerability which may impact Hypervisor software and results in the same information disclosure problem.

VMware vCloud Usage Meter (UM), Identity Manager (vIDM), vCenter Server (vCSA), vSphere Data Protection (VDP), vSphere Integrated Containers (VIC), and vRealize Automation (vRA) are affected.

An Intel Spokesperson informed us that: “L1 Terminal Fault is addressed by microcode updates released earlier this year, coupled with corresponding updates to operating system and hypervisor software that are available starting today.”

“We’ve provided more information on our website and continue to encourage everyone to keep their systems up to date, as its one of the best ways to stay protected. We’d like to extend our thanks to the researchers at imec-DistriNet, KU Leuven, Technion- Israel Institute of Technology, University of Michigan, University of Adelaide and Data61 and our industry partners for their collaboration in helping us identify and address this issue.”

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.