Intel last week released six advisories covering a range of products, the most interesting of which is a flaw discovered in the company’s Software Guard Extensions (SGX) built into all Intel processors since the company’s sixth-generation Skylake processors in 2015. Discovered by independent researcher SaifAllah benMassaoud, the latest SGX vulnerability (CVE-2018-18098) is a weakness in the software layer that enables SGX hardware that could allow what Intel euphemistically describes as “escalation of privilege or information disclosure.” SGX makes possible ‘secure enclaves’ that can be used for a variety of purposes, including Digital Rights Management (DRM).
Read full news article on Naked Security