Intel will debut malware-fighting technology in Tiger Lake mobile CPUs

nanoguy

Posts: 486   +7
Staff member

Intel's CET will first become available with Tiger Lake mobile CPUs that are expected to drop in the second half of 2020. So far we've seen a few Tiger Lake ULV variants popping up here and there, and we know they'll offer PCIe 4.0 and USB 4.0 support, along with some other niceties in the GPU department. The fact that it'll also have better security is a nice bonus on top of all that.

Intel says it's been working on CET since 2016, when it first revealed official specifications so that Microsoft and other parties could have time to adopt it in software. CET brings to the table two new capabilities called Shadow Stack and Indirect Branch Tracking.

Malicious actors often use Call Oriented Programming (COP), Jump Oriented Programming (JOP), or Return Oriented Programming (ROP) to bypass standard anti-malware protection. These techniques use code from executable memory to change an app's behavior, so they require more advanced detection and mitigation methods.

Shadow Stack allows the CET's state machine to detect and block attempts from a malicious program by flagging mismatches between the address of the 'shadow' and that of the attacked program. Then CET uses Indirect Branch Tracking so that the target software can block JOP and COP attacks.

Intel says that vPro platforms already meet the security requirements of secured-core PCs, however CET is meant to offer an additional layer of protection for both enterprise and consumer-grade systems. The timing couldn't be better, as vulnerabilities in Intel CPUs keep making news since Meltdown and Spectre hit them hard in early 2018.

Permalink to story.

 

texasrattler

Posts: 899   +391
While security is always nice, often not tho media makes a bigger deal out of it than some of it really is. I never had any issues with any of the vulnerabilities. Granted I will say people use their computers differently. So that may be why I have no issues compared to others who may use their computer for a lot of things.

Btw doesnt MS Defender also use control flow? From my understanding several ppl turned it off do to performance issues. Again could just be how ppl use their computers.
 

kmo911

Posts: 206   +22
I would also put it out in those 4g+ 5g antennas to block many spam sites. asus RT-AX56U has many filter to stop bad malwaresites appearing wifi 6 router. so getting it into mobiles would be nice. put inside a phone blocker tool too.
 

enemys

Posts: 210   +216
TechSpot Elite
While security is always nice, often not tho media makes a bigger deal out of it than some of it really is. I never had any issues with any of the vulnerabilities. Granted I will say people use their computers differently. So that may be why I have no issues compared to others who may use their computer for a lot of things.

Btw doesnt MS Defender also use control flow? From my understanding several ppl turned it off do to performance issues. Again could just be how ppl use their computers.
It's not Defender, it's Windows. But yeah, OS provides a software runtime that apps can use to check their control flow. It only runs on apps that have been compiled with CFG support, but can also be turned off system-wide. Although turning it off is a terrible idea.

Intel is complementing it with hardware checks, though, which should hopefully make it faster (not that it has a big performance cost, anyway), harder to evade and OS-agnostic.
 

texasrattler

Posts: 899   +391
It's not Defender, it's Windows. But yeah, OS provides a software runtime that apps can use to check their control flow. It only runs on apps that have been compiled with CFG support, but can also be turned off system-wide. Although turning it off is a terrible idea.

Intel is complementing it with hardware checks, though, which should hopefully make it faster (not that it has a big performance cost, anyway), harder to evade and OS-agnostic.
Oh I only see it under security which is Defender so I just assumed its part of Defender. Which itself is apart of Windows.