Technology News
English Edition
  • Home
  • Laptops
  • Laptops News
  • Intel Downfall Security Flaw Affecting Older Chips Discovered by Researcher, Chipmaker Rolls Out Fixes

Intel Downfall Security Flaw Affecting Older Chips Discovered by Researcher, Chipmaker Rolls Out Fixes

Downfall has impacted users for at least nine years as the affected chips date back to 2014, according to the security researcher who discovered the flaw.

Written by David Delima, Edited by Siddharth Suvarna | Updated: 9 August 2023 17:42 IST
Intel Downfall Security Flaw Affecting Older Chips Discovered by Researcher, Chipmaker Rolls Out Fixes

Photo Credit: Reuters

Downfall can also bypass fixes previously issued by Intel for older flaws like Meltdown

Click Here to Add Gadgets360 As A Trusted Source As A Preferred Source On Google
Highlights
  • Intel has issued security fixes for a flaw affecting its older CPUs
  • The Downfall vulnerability affects chips that are up to nine years old
  • Intel revealed details about the security flaws on August 8
Advertisement

Intel processors are affected by Downfall, a security flaw that can allow a malicious user to gain access to sensitive and private user data from users' computers, and the chipmaker is rolling out fixes that patch the vulnerability on affected systems. The flaw was detected by a California-based researcher and disclosed to Intel, allowing the firm to patch the issue before details were published online. Unlike the company's recent chips, older CPUs released by Intel in 2015 are currently vulnerable and these models will receive a microcode update to fix the potential leakage of information.

The chipmaker has assigned a "Medium" security rating for the bug in a post on the Intel Security website, which states that the firm will issue a firmware update and a software sequence — the latter is optional — that is designed to patch the security flaw. Customers with PCs powered by Intel's 6th generation Skylake processors all the way up to the 11th generation Tiger Lake processors are affected by the security flaw. Alder Lake, Sapphire Rapids, and Raptor Lake chips are not affected by the flaw.

Dubbed Downfall by Daniel Moghimi, the Google security researcher who discovered it, the vulnerability is capable of beating boundaries set by the chipmaker for the operating system, virtual machine, and Intel's Software Guard Extensions. Moghimi used the Gather instruction that is used to make it easier to access data that is scattered in the device's memory in order to discover the flaw and develop a proof of concept that was shared with the company in order to develop a fix.

The researcher also explains that the Downfall vulnerability can also bypass fixes previously issued by Intel for older flaws such as Meltdown and Microarchitectural Data Sampling (MDS). Intel is rolling out microcode updates to secure its older processors against the flaw that can allow an attacker to steal arbitrary data from the Linux Kernel, 128-bit and 256-bit AES keys from another user, and even spy on printable characters, according to Moghimi.

Moghimi says the Downfall vulnerability is "highly practical" and that developing an end-to-end attack to steal encryption keys from OpenSSL — and open-source encryption library — took only two weeks. Users have been exposed to Downfall for at least nine years, as the chips affected by the security flaw were released as early as 2014.

“The security researcher, working within the controlled conditions of a research environment, demonstrated the GDS issue which relies on software using Gather instructions. While this attack would be very complex to pull off outside of such controlled conditions, affected platforms have an available mitigation via a microcode update. Recent Intel processors, including Alder Lake, Raptor Lake and Sapphire Rapids, are not affected. Many customers, after reviewing Intel's risk assessment guidance, may determine to disable the mitigation via switches made available through Windows and Linux operating systems as well as VMMs. In public cloud environments, customers should check with their provider on the feasibility of these switches,” an Intel spokesperson told Gadgets 360.

From the launch of the Infinix GT 10 Pro to Amazon's latest mega-sale, we discuss the most noteworthy technology news events of the week on the latest episode of Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
Comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Intel, Downfall, Security Flaws, Vulnerability
David Delima
David Delima
As a writer on technology with Gadgets 360, David Delima is interested in open-source technology, cybersecurity, consumer privacy, and loves to read and write about how the Internet works. David can be contacted via email at DavidD@ndtv.com, on Twitter at @DxDavey, and Mastodon at mstdn.social/@delima. More
Samsung Galaxy A05 Listed on Geekbench With MediaTek Helio G85 SoC, Android 13: All Details
Nothing Phone 2 Receives Nothing OS 2.0.2 Update; Users Complain of Poor Camera Quality: All Details

Related Stories

Intel Downfall Security Flaw Affecting Older Chips Discovered by Researcher, Chipmaker Rolls Out Fixes
Comment
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Featured
Follow Us
Latest Videos
More Videos
Tech News in Hindi
More Technology News in Hindi

Advertisement

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Top OTT Releases of the Week: Kantara Chapter 1, Lokah Chapter 1, Idli Kadai, and More
  2. iQOO 15 Indian Variant Allegedly Surfaces on Geekbench Ahead of Launch
  3. Realme GT 8 Pro India Launch Date Leaked: Here's When It Might Arrive
  4. Kantara: A Legend Chapter 1 Now Streaming Online: What You Need to Know
  5. Vivo X300 Could be Available in This India-Exclusive Colourway
#Latest Stories
  1. Starlink Hiring for Payments, Tax and Accounting Roles in Bengaluru as Firm Prepares for Launch in India
  2. Google's 'Min Mode' for Always-on Display Mode Spotted in Development on Android 17: Report
  3. OpenAI Upgrades Sora App With Character Cameos, Video Stitching and Leaderboard
  4. Samsung's AI-Powered Priority Notifications Spotted in New One UI 8.5 Leak
  5. Samsung Galaxy S26 Series Could Feature Model Slimmer Than Galaxy S25 Edge With New Name
  6. iQOO 15 Colour Options Confirmed Ahead of November 26 India Launch: Here’s What We Know So Far
  7. Vivo X300 to Be Available in India-Exclusive Red Colourway, Tipster Claims
  8. OpenAI Introduces Aardvark, an Agentic Security Researcher That Can Find and Fix Vulnerabilities
  9. Xiaomi 17, Poco F8 Series and Redmi Note 15 Listed on IMDA Certification Website Hinting at Imminent Global Launch
  10. CERT-In Warns Google Chrome Users of High-Risk Flaws on Windows, macOS, and Linux
Gadgets 360 is available in
Follow Us
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.
Trending Products »
Latest Tech News »