Have an Intel-powered laptop made after 2012? It is vulnerable!
We can all remember the Spectre and Meltdown exploits that plagued Intel processors, but apparently a new vulnerability has been discovered. It affects all Windows-powered PCs running on an Intel processor built after 2012.
The bug is called SWAPGSAttack, as it affects the SWAPGS. An attacked utilizing SWAPGSAttack could gain access to sensitive information without leaving a trace. Bitdefender explains the vulnerability in this blog post.
The attack is a novel approach of leaking sensitive information from the kernel since it bypasses all known side-channel attack mitigation techniques. This is achieved by abusing the fact that SWAPGS instruction can be executed speculatively. An attacker can force arbitrary memory dereferences in kernel, which leaves traces within the data caches. These signals can be picked-up by the attacker to infer the value located at the given kernel address — Bitdefender
Now, for the good news part: there’s a fix, and you are likely protected if your system is up to date. It rolled out as part of the Patch Tuesday in July.