Hi everyone,
In this post we are excited to talk about a joint security review of Intel® Trust Domain Extensions (Intel® TDX) version 1.5 between Intel and Microsoft. At Intel, we’re dedicated to making our Confidential Computing technology as successful and secure as possible – not only for us, but for the entire industry – ultimately delivering increased levels of trust for our customers. This kind of collaborative research helps uncover security vulnerabilities that can emerge in these complex environments before malicious actors can take advantage of them.
The security review, which took place prior to the release of Intel TDX 1.5, comprised several months of architectural, design, and code evaluation, and was capped off by a joint hackathon. During the hackathon the teams found security weaknesses that called for defense-in-depth changes, as well as a handful of vulnerabilities, all of which have now been addressed.
According to Yair Netzer, Principal Security Research Manager at Microsoft, Intel TDX is “an instrumental technology helping to achieve our [confidential compute] goals.” He stated, “now that we are finished, it’s even more secure” and “I’m very confident, after this hackathon, with this technology.”
Back in May 2024, we posted a Chips & Salsa video with some of the Intel and Microsoft folks involved in this effort and talked about the goals, objectives, and outcomes of this joint security review.
Today, Maxime Villard, a Microsoft security researcher involved in the effort, gave a talk at Black Hat discussing two of the issues found during the review. It is important to note that these issues are medium severity and have already been mitigated. For details, please see INTEL-SA-01010 and INTEL-SA-01073.
If you are interested in the technical details of this effort, have a look at the technical paper we collaborated on with Microsoft.
This is just another great example of how Intel product security assurance works to build the most robust and secure products to help protect customers and their data.
Cheers,
Jerry Bryant
Sr. Director, Incident Response and Security Communications
Intel Product Assurance and Security (IPAS)