In the processor world, we have encountered many security vulnerabilities in the last ten years. Companies affected by these vulnerabilities, regardless of brand, tried to fix the problems with various patches. While the biggest security vulnerabilities such as Specter and Meltdown are being forgotten recently, the new vulnerability called ÆPIC Leak hits Intel processors at the architectural level.
First architectural-level vulnerability
The name ÆPIC Leak actually comes from the architectural design known as the Advanced Programmable Interrupt Controller (APIC), which was developed to prevent interruptions in multiprocessor systems. Researchers say the leak is the first processor vulnerability that can “expose sensitive data at an architectural level.”
MSI announces world’s first ATX 3.0 power supply
8 h. previously added
The new vulnerability affects Intel 10th generation, 11th generation and 12th generation processors. Therefore, although the level of danger of this vulnerability affecting current systems is high, attackers must have access to APIC MMIO for the system to be infected. It is stated that most systems are safe from ÆPIC Leak since this requires administrator or root level permissions. However, it is underlined that systems relying on SGX are at risk and need to be patched to protect data from privileged attackers.
It is stated that the security vulnerability was reported to Intel in December 2021 with the tag CVE-2022-21233. However, no patches have been released since then. It is recommended that users disable APIC MMIO or not use SGX at this time to avoid the vulnerability.