A new vulnerability has been discovered in Intel processors, called Lazy FP State Restore. This vulnerability is yet another variant of the already known Spectre v3 that affects, due to the way it works, all of the blue giant’s processors. If exploited, an attacker could recover cryptographic keys from the math co-processor embedded in the core.
I don’t think that Intel will soon forget 2018, because it seems that they can’t string together anything that ends up going well. This is especially true on the subject of computer security, where, since the beginning of the year, new vulnerabilities in Intel processors have not stopped being discovered. Yes, we already know that some of them have also affected AMD processors, and even processors with ARM architectures. But, even so, the one that seems to be coming out of this whole matter the most affected is Intel.
Lazy FP State Restore: the new vulnerability of Intel processors
The Lazy FP State Restore vulnerability can be used against an infected system to steal data from operations that are being performed within the processor’s FPU. The FPU (Floating Point Unit) is the mathematical co-processor that all processors with x86 architecture have integrated into the core itself to speed up the performance of certain operations such as multiplications or divisions, and it is an essential part of their architecture and performance.
The new vulnerability of Intel processors can only be exploited from the Operating System
Unlike Meltdown and Spectre, which were flaws in the internal architecture of Intel processors, the Lazy FP State Restore vulnerability can only be executed from the Operating System by the attacker, who must first gain control of it by other methods, such as malware. Even so, Lazy FP State Restore is one of the features that Windows uses (among other Operating Systems, since Linux also uses it) and, as such, it cannot be disabled. That does not mean that it cannot be patched in some way, of course.
The vulnerability affects all processors manufactured by Intel from the Sandy Bridge cores to the present day. This means that the Lazy FP State Restore instruction has been in use since the second generation of Core processors, and the number of vulnerable computers, considering that these have been Intel’s most prevalent years of sales, can be truly astronomical.
We can only hope that Microsoft is able to release a proper patch for this new vulnerability with some haste. We know that several Linux distributions are already releasing patches that remove these vulnerabilities in their respective Operating Systems.