Intel has today announced that a new feature will now be made available in the company’s upcoming Tiger Lake Mobile CPUs. The feature called SET (Control-flow Enforcement Technology) is something Intel has been working on since 2016. The feature deals with ‘control flow’, or the order in which tasks are executed in the CPU. Also Read - Intel NUC 11 Extreme Kit with space for a 12-inch GPU launched: Price, specs
Many malware infections begin by infecting the control-flow of a CPU. The malware uses vulnerabilities in other apps to take control of their control-flow and then insert its own malicious code within the other app to replicate and cause problems. Also Read - Joker malware back on Google Play store, delete these apps from your phone immediately
Watch: Speaking with BGR India: Ashim Mathur, Dolby Senior Regional Director
However, the new CET-enabled Tiger Lake CPUs will take care of this problem with two new security mechanisms. These are shadow stack and indirect branch tracking techniques. The former means to make a safe copy of an application’s original, intended control-flow, and storing this ‘shadow stack’ in a secure area of the CPU itself. This can then be used to ensure that no unauthorized changes take place in an application’s intended order of execution. Intel states that the technique protects users against ROP (Return Oriented Programming) attacks, where malware hits the return instruction and injects malicious code. Also Read - Airtel partners with Intel for its 5G network development: Details here
Meanwhile, the other indirect branch tracking refers to restricting and adding additional protections to an application’s ability to use CPU “jump tables”. These are essentially tables with memory locations that are used through the control-flow of an application. Intel says that the indirect branch tracking process will protect users against JOP (Jump Oriented Programming) and COP (Call Oriented Programming) attacks.
Intel CET technology was available to developers since 2016
Further, since Intel published the CET specifications for software makers back in 2016, developers have also had time to adjust their code for the first series of Intel CPUs which will support the technology. While CET launched today for Intel’s line of mobile CPUs that use Tiger Lake microarchitecture, the technology will also be available in desktop and server platforms.