Intel plans to introduce new hardware-based protection for laptops against common malware attacks in the upcoming 10-nanometer Tiger Lake processors at the chipmaker. Intel has been working in collaboration with Microsoft on CET for 4 years, and this will be the first time we will see it in action in the Tiger Lake CPUs.
CET protects against attacks on the control flow of processors, which refers to the order in which various calls to functions are executed.
Attackers have previously targeted control flow at attacks where they hijack the processes and modify the instructions. That might allow them to execute arbitrary code on victim systems.
CET will protect the control flow on Intel’s future Tiger Lake mobile CPUs via two new security mechanisms, namely shadow stack, and indirect branch tracking.
Shadow stack refers to making a copy of the intended control flow of an application, storing the shadow stack in a secure area of the CPU and using it to ensure that no unauthorized changes occur in the intended execution order of an application.
Indirect branch tracking, on the other hand , refers to restricting and adding additional protections to the ability of an application to use CPU “jump tables,” which are tables that contain memory locations (re)used through the control flow of an app.
Intel says indirect branch tracking protects against two techniques called Jump Oriented Programming (JOP) and Call Oriented Programming (COP), where JMP (jump) or CALL instructions are abused by malware to hijack the jump tables of a legitimate app.
This is not the first time Intel takes a hardware-based approach to combating ongoing malware attacks. Earlier it baked eXtension SGX or Application Guard in its CPUs. It nevertheless did not offer the company’s intended results. How successful CET would turn out to be once it is started remains to be seen.