The latest set of Spectre-like vulnerabilities that have hit Intel CPUs have been a hot topic around the network security community, and both Intel and Red Hat have issued a couple of videos trying to explain these vulnerabilities.
Intel has released its own video explaining these L1 Terminal Fault (L1TF) vulnerabilities.
In case you missed it earlier, the new Spectre-like vulnerabilities, also known as L1 Terminal Fault (L1TF), include the CVE-2018-3615, which is the one targeting Intel’s Software Guard Extensions (SGX), the CVE-2018-3620, which affects System Management Mode (SMM) memory, and the CVE-2018-3646, which affects hypervisors and virtual machines.
The so-call Foreshadow vulnerability, which is the CVE-2018-3615, or the one that affects Intel Software Guard Extensions (SGX), is the biggest focus of cybersecurity companies as this is the first time that SGX is affected.
In addition to Intel’s short video, Red Hat released two videos, one with a short explanation about these L1TF varieties, as well as a much longer video which talks about the L1TF in more details.
The second video provides much more technical details and is hosted by Red Hat computer architect Jon Masters, giving a bit more detail on how the flaw works and what companies can do to mitigate it.
You can also check out Red Hat’s full blog post regarding the L1 Terminal Fault (L1TF), written by Jon Masters, over at Red Hat’s website.