Press is spreading around a new “Spoiler” vulnerability warning for Intel CPUs. But what exactly is Spoiler, and how does it apply to us?
Spoiler isn’t really a vulnerability – it’s more of a way to understand how memory is being addressed in order to make other side-channel attacks like RowHammer and Prime+Probe more effective. Spoiler pays close attention to how long each operation takes to happen, then builds a map based on these results. Most side-channel attacks do not build this map as effectively as Spoiler, so they take much longer to be effective. Researchers are now combining these technologies – and hackers probably aren’t far behind.
Fortunately, there are a number of hardware- and software-based approaches that can help combat this. For hardware, use Error Correcting RAM and its newer generations of technology. There’s DDRAM on the market now specifically designed to deflect these attacks. In software, Intel recommends looking for improper side-channel usage. Software like SONICWALL RTDMI can help with this.
Spoiler is still young, so there’s plenty left to learn when it comes to addressing it. Make sure watch for any news or updates on the topic. To learn more and start talking about your options, just reach out to your Zones representatives – they’ll set up time with our security experts help your organization fortify its defenses.