Intel bets on CET to secure chips against rising malware threats
Intel is finally beefing up security on its processors. Starting with the upcoming mobile processor, codenamed Tiger Lake, Intel will embed a new security product called “Intel Control-Flow Enforcement Technology” (Intel CET).
The new security protocol is aimed at minimising risks from possible misuse of legitimate code through a popular hacking mechanism known as control-flow hijacking.
The announcement comes years after Intel began working with CET in 2016. The chip company had then first published the first draft of the CET-compliant specifications.
With the new security protocol, Intel's upcoming Tiger Lake processors will safeguard the control flow through two methods.
The first mechanism, known as Shadow Stack, ensures the chip saves a copy of an app's control flow and isn't manipulated by anyone else. The mechanism also better manages “Return Oriented Programming.”
The second method is known as Indirect Branch Tracking (IBT) which is supposed to deliver protection from another attack tool known as jump/call oriented programming.
Microsoft is among the first to embrace the Intel CET and will be soon adding the support to Windows 10. The company will offer the tool as “Hardware-enforced Stack Protection.” The feature is already available to users through Windows 10 Insider Previews.
“The significance of Intel CET is that it is built into the microarchitecture and available across the family of products with that core. While Intel vPro platforms with Intel Hardware Shield already meet and exceed the security requirements for Secured-core PCs, Intel CET further extends advanced threat protection capabilities. Intel CET is also expected to be available in future desktop and server platforms,” said Intel in a post.