Intel launches new Control-Flow Enforcement Technology to protect against malware attacks
Intel Corp. today announced a new security capability called Control-Flow Enforcement Technology that delivers processor-level security structures to protect against common malware attack methods that have been a challenge to mitigate with software alone.
First available on Intel’s Tiger Lake platform with the Willow Cove microarchitecture, Intel CET is designed to protect against the misuse of legitimate code through control-flow hijacking attacks, techniques widely used by large classes of malware. It does so by offering software developers two key capabilities to help defend against control-flow hijacking malware: indirect branch tracking and shadow stack.
Indirect branch tracking delivers indirect branch protection to defend against so-called jump/call-oriented programming attack methods. Shadow stack delivers return address protection to help defend against return-oriented programming attack methods. Both attack methods are used by a class of malware that exploits memory safety issues, including tactics such as stack buffer overflow corruption and use-after-free.
“Intel was the first to tackle these complex security challenges and we remain committed to working with the industry to drive security innovation,” Tom Garrison, vice president and general manager of client security strategy and initiatives at Intel, said in a statement. “We recognized that scaling OS and application adoption to truly solve the problem would require industry wide collaboration. To accelerate adoption, we published the Intel CET specifications in 2016.”
In addition, he said, “Intel and Microsoft have been working closely to prepare Windows 10 and developer tools so applications and the industry at large can offer better protection against control-flow hijacking threats.” Microsoft’s support for Intel CET in Windows 10 is called Hardware-enforced Stack Protection and a preview of it is available today in Windows 10 Insider Previews.
Garrison noted that the new Hardware-enforced Stack Protection feature only works on chipsets with Intel CET instructions because it relies on a new CPU architecture that is compliant with Intel CET specifications.
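Because the feature depends on the processor advertising CET, software that wants to rely on shadow stack or indirect branch tracking should first check the CPUID feature bits. The following is an added example, not code from the article, Intel or Microsoft; it assumes the standard bit positions from Intel's CPUID leaf 7 definition (ECX bit 7 for shadow stack, EDX bit 20 for indirect branch tracking) and the GCC/Clang `<cpuid.h>` helper.

```c
/* Added example: decode the CET capability bits reported by CPUID so a
 * program can tell whether the CPU offers shadow stack (SHSTK) and
 * indirect branch tracking (IBT) before relying on either.
 *   CPUID.(EAX=7,ECX=0):ECX[7]  = CET_SS  (shadow stack)
 *   CPUID.(EAX=7,ECX=0):EDX[20] = CET_IBT (indirect branch tracking)
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

#define CET_SS_BIT  (1u << 7)   /* ECX bit 7  */
#define CET_IBT_BIT (1u << 20)  /* EDX bit 20 */

typedef struct {
    bool shadow_stack;
    bool indirect_branch_tracking;
} cet_features;

/* Pure decoder over raw ECX/EDX values from leaf 7, subleaf 0, so it can
 * be exercised with constructed register values on any machine. */
cet_features cet_decode(uint32_t ecx, uint32_t edx) {
    cet_features f;
    f.shadow_stack = (ecx & CET_SS_BIT) != 0;
    f.indirect_branch_tracking = (edx & CET_IBT_BIT) != 0;
    return f;
}

/* Query the running CPU. Returns false if CPUID leaf 7 is not available
 * or the build target is not x86. */
bool cet_query_cpu(cet_features *out) {
#if defined(__x86_64__) || defined(__i386__)
    unsigned int eax, ebx, ecx, edx;
    if (!__get_cpuid_count(7, 0, &eax, &ebx, &ecx, &edx))
        return false;
    *out = cet_decode((uint32_t)ecx, (uint32_t)edx);
    return true;
#else
    (void)out;
    return false;
#endif
}

int main(void) {
    cet_features f;
    if (!cet_query_cpu(&f)) { puts("CPUID leaf 7 unavailable"); return 1; }
    printf("CET shadow stack: %s\n", f.shadow_stack ? "yes" : "no");
    printf("CET indirect branch tracking: %s\n", f.indirect_branch_tracking ? "yes" : "no");
    return 0;
}
```

CPUID reports only what the hardware supports; whether the operating system has actually enabled shadow stacks for a given process is a separate, OS-specific check.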
Intel CET is built into microarchitecture and available across the family of products with that core. Although Intel vPro platforms already meet the security requirements for secured-core PCs, Intel CET is said to exceed the current requirements and further extends the advanced threat protection capabilities of Intel Hardware Shield that are exclusive to Intel vPro platforms.