Mitigate PLATYPUS Attack Without A Reboot

Mitigate PLATYPUS Attack Without A Reboot

On November 10, 2020, a team of academic researchers found a bug in Intel CPU architecture that allowed them to extract sensitive information from the processor such as encryption keys. Researchers named the vulnerability Power Leakage Attacks: Targeting Your Protected User Secrets (PLATYPUS) for the Platypus’ ability to detect electrical current with its bill. By monitoring power consumption, researchers were able to determine data being processed via the Running Average Power Limit (RAPL) interface. No instances of an exploit in the wild have been reported, but Intel released a microcode update that should be applied to any servers and devices using the processor. No patches are needed, as it was with Zombieload or Spectre & Meltdown.

Continue reading “Mitigate PLATYPUS Attack Without A Reboot”