Bitdefender has published a report on a new side-channel attack that affects all Intel processors since Ivy Bridge (2012). The vulnerability revolves around an instruction called SWAPGS, which is designed for exchanging a GS base register value in 64-bit chips.

Microsoft has already published a patch, which results in “no noticeable performance degradation.” AMD processors are not affected by the SWAPGS Attack.

Unpatched Windows systems running on 64-bit Intel hardware are susceptible to leaking sensitive kernel memory, including from user mode. The SWAPGS Attack circumvents all known mitigation techniques deployed against previous side-channel attacks on vulnerabilities in speculative execution.

Discussion