While naturally there are an abundance of security measures built into Intel CPUs, the upcoming Intel 11th Gen Tiger Lake CPUs will be getting one more according to today’s announcement with something the company is calling Intel Control-Flow Enforcement Technology (Intel CET), which helps defend against control-flow hijacking, a method common among malware attacks (via Ubergizmo).
Need a new laptop right now? Here are the best laptops of 2020Lenovo ThinkPad TrackPoint Keyboard II reviewWindows 10 update wrecks browsers: What to do now
This kind of attack has been particularly difficult to combat with software alone according to Intel. Hopefully bolstered by the new hardware, software developers will bring an end to or at least greatly reduce these threats. The two new capabilities offered by the Intel CET are indirect branch tracking and shadow stack. The former provides defense against jump/call-oriented programming (JOP/COP) attacks, while the latter will protect against return-oriented programming (ROP) attacks. These malware attacks are known as memory safety issues and according to the Trend Micro Zero Day Initiative researchers this form of malware made up 63.2% of known vulnerabilities in 2019. Naturally, the operating system must also integrate this technology, and both Intel and Microsoft have been working closely to deliver Intel CET in Windows 10. In Windows 10 this will be called Hardware-enforced Stack Protection and a preview is available starting today in the Windows 10 Insider Previews (opens in new tab). Wider platform support will be rolling out in the future with Intel citing desktop and server platforms as also receiving Intel CET. We expect to see Intel Tiger Lake CPUs in laptops this fall and while performance is naturally top of mind for most of us when looking at new CPUs, security is of course a crucial component for all of us.