The x86 processor family — specifically Intel’s 10th Gen through 12th Gen Core CPUs, has seen its fair share of attacks over the last decade with exploits like Spectre and Meltdown, which still plagues the series of processors to this day, as well as rival AMD and their processors. Recently, researchers found that the three Intel Gen Core families were capable of being overrun by a new processor exploit, the ÆPIC Leak.
Researchers create a new ÆPIC Leak exploit that affects the last three generations of Intel Core CPUs
ÆPIC Leak receives its name from the Advanced Programmable Interrupt Controller, or APIC, which operates by handling interrupt requests and controlling multiprocessing. Researchers note that the leak is the first processor exploit “able to disclose sensitive data architecturally.”
Developers or users can test the vulnerability for themselves as it has become open-sourced by the Graz Institute of Technology for demonstration purposes. Presently, there is no information for the newest patch to assist with eliminating the vulnerability, but it is reported that Intel was notified last December.
A privileged attacker (Administrator or root) is required to access APIC MMIO. Thus, most systems are safe from ÆPIC Leak. However, systems relying on SGX to protect data from privileged attackers would be at risk, thus, have to be patched.
To avoid the vulnerability, which uses the CVE tag CVE-2022-21233, users will need to disable APIC MMIO or avoid SGX at this time.
News Sources: TechPowerUP, GitHub
