The Channel logo


By | Tony Smith 16th May 2005 10:43

SMT vulnerability 'not critical' - Intel

Got to 'own' a machine to make use of it

Intel has pledged to work with operating system vendors to prevent its HyperThreading system being used by malware to snoop for sensitive data.

However, it claimed the problem, revealed in a paper published last week, is a minor one: it can only be exploited once the security of the targeted desktop or server has already been compromised.

The chip giant was also quick to point out that HT-enabled CPUs are not the only ones vulnerable to the newly exposed attack. It can be brought to bear against any processor with that can do simultaneous multi-threading. Dual-cores too, it seems, are vulnerable.

The vulnerability arises because code running on one thread can access cache and memory being used by another thread. If the former's a crypto-key sniffer and the other's caching said key, the first thread can copy the information then relay it to another machine. You can read researcher Colin Percival's paper on the subject here (PDF).

Intel said it had already been notified of the problem before Percival's paper was posted on the web last week. The chip maker said it was working with a number of OS vendors to "fix the issues".

"The flaw is not considered critical, but it will be fixed in subsequent updates to the Microsoft and Linux operating systems," Intel said. ®

Related stories

Intel: next-gen dual-cores not NetBurst
Intel may get boost from robust Taiwan PC market
Intel restates Q1 earnings. Upwards
AMD steals Q1 market share from Intel
Intel launches dual-core Pentium Extreme Edition
Intel confirms 'Conroe'

alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe