Intel Steps Up Game With CPU-Level Malware Protection

Tech companies both big and small are always looking for new ways to protect their customers from the threat of malware. While that’s not something that hardware vendors are known for, Intel has leapt into the fray with a recent announcement.
Their planned “Tiger Lake” mobile processers will offer CPU-level malware protection features.
Tom Garrison is Intel’s VP & General Manager of Client Security Strategy and Initiatives.
Tom had this to say about the planned features:
“Intel CET is designed to protect against the misuse of legitimate code through control-flow hijacking attacks–widely used techniques in large classes of Malware…Intel has been actively collaborating with Microsoft and other industry partners to address control-flow hijacking by using Intel’s CET technology to augment previous software-only control-flow integrity solutions.”
Specifically, Intel’s CET provides two new capabilities to help guard against control-flow hijacking malware: Indirect Branch Tracking (IBT) and Shadow Stack (SS). Collectively, these two new tools work by defeating malware designed to use ROP (Return Oriented Programming), JOP (Jump Oriented Programming) and COP (Call Oriented Programming).
Garrison adds:
“The significance of Intel CET is that it is built into the microarchitecture and available across the family of products with that core…While Intel vPro platforms with Intel Hardware Shield already meet and exceed the security requirements for Secure-core PCs, Intel CET further extends advanced threat protection capabilities….when used properly by software, [it] is a bit step in helping prevent exploits from hijacking the control-flow transfer instructions.”
As mentioned, the new capabilities will initially roll out for mobile processors, but the company has plans in the work to expand the microarchitecture into desktop and server platforms as well.
This is good news and we’re excited to see the hardware’s capabilities in action. Of course, it remains to be seen how effective the new protections will be, but industry experts are cautiously optimistic.
Get In Touch
Share On Social Media
Other Recent Blog Articles
The Voice on the Phone Isn’t Who You Think It Is: AI Scams Are Coming for Portland Small Businesses
A few years ago, “phishing email” was the scariest phrase in small business IT. Bad spelling, a sketchy link, a fake invoice from “Microsoft Support.” Most of us got pretty…
Your Cybersecurity Is Only as Strong as Your Weakest Vendor
The Nintendo TinyPulse Breach Is a Wake-Up Call for Every Business Nintendo is one of the most recognized brands on the planet. They guard their intellectual property fiercely, have weathered…
Fake IT Workers Are Showing Up at Offices — And They’re After Your Data
Cybercrime has never been more brazen. Ransomware gangs have long relied on phishing emails and malicious software to compromise businesses — but a group known as the Silent Ransom Group has taken…