The array of speculative execution exploits that fall under the umbrella of Spectre has added a new variant to worry about. Bitdefender has disclosed a modified version of the Spectre 1 bug known as the SWAPGS vulnerability, which could allow malware to snoop on private memory, potentially revealing all sorts of secrets about a system and its user to hackers. Fortunately, Microsoft and other operating system manufacturers patched this bug long ago, so as long as your install of Windows is up to date, you should be safe and sound.
Like many of the Spectre variants we’ve seen over the last couple of years, SWAPGS affects most x86 or x64 processors released this decade, with Bitdefender claiming, via Forbes, that “all Intel CPUs manufactured between 2012 and today are vulnerable to the SWAPGS exploit.” A Red Hat advisory suggests that AMD CPUs are also vulnerable to this potential attack, but that’s disputed by AMD. It claims that based on internal and external testing, it doesn’t believe AMD hardware is vulnerable to this type of Spectre attack.
Bitdefender concurred, stating that following testing it completed, it hasn’t been able to replicate this attack on AMD CPUs.
“We tested two AMD CPUs: AMD64 Family 16 Model 2 Stepping 3 AuthenticAMD ~3211 Mhz and AMD64 Family 15 Model 6 Stepping 1 AuthenticAMD ~2100 Mhz and neither exhibited speculative behavior for the SWAPGS instruction,” it said in a statement, via BleepingComputer.
Fortunately, Windows has been fully patched against it, so whatever chip you’re using, Windows users need not fear SWAPGS if they have a fully updated operating system. Bitdefender, Intel, and Microsoft have been working for more than a year to fix this particular exploit, as it is distinct from existing Spectre variants and isn’t affected by any previous fixes for other speculative execution attack vectors.
The Windows patch was released as part of Microsoft’s July 2019 Patch Tuesday security updates. We’re only hearing about it now because of a coordinated disclosure among hardware and software developers to alert the public that the exploit has mostly been mitigated through software changes.
If, for whatever reason, you believe that your system hasn’t been updated, all you need do is run Windows update a few times. You can find it by searching for Windows update in the Windows search bar. Select Windows Update Settings and then select Check for Updates. Alternatively, check out our guide on how to install the latest version of Windows to get you fully up to date and protected.
While this latest exploit isn’t something to get too worried about, it does remind us that speculative execution bugs are here to stay and will continually be found until processor design changes fundamentally at the hardware level. Intel’s Ice Lake introduced a number of hardware fixes, but perhaps it’s time to introduce a secure core to make these sorts of exploits redundant.
