Security
Determine security ramifications to protect personal data and information
116 Discussions

Intel and Microsoft joint security review of Intel TDX 1.5

IPAS_Security
Employee
0 0 502

Hi everyone,

In this post we are excited to talk about a joint security review of Intel® Trust Domain Extensions (Intel® TDX) version 1.5 between Intel and Microsoft. At Intel, we’re dedicated to making our Confidential Computing technology as successful and secure as possible – not only for us, but for the entire industry – ultimately delivering increased levels of trust for our customers. This kind of collaborative research helps uncover security vulnerabilities that can emerge in these complex environments before malicious actors can take advantage of them.

The security review took place prior to the release of Intel TDX 1.5, which included several months of architectural, design, and code evaluation, and was capped off by a joint hackathon where the teams found security weaknesses needing defense in depth changes as well as a handful of vulnerabilities that have all now been addressed.

According to Yair Netzer, Principal Security Research Manager at Microsoft, Intel TDX is “an instrumental technology helping to achieve our [confidential compute] goals.” He stated, “now that we are finished, it’s even more secure” and “I’m very confident, after this hackathon, with this technology.”

Back in May 2024, we posted a Chips & Salsa video with some of the Intel and Microsoft folks involved in this effort and talked about the goals, objectives, and outcomes of this joint security review.

IPAS_Security_0-1722957559501.png

 

Today, Maxime Villard, a Microsoft security researcher involved in the effort, gave a talk at Black Hat discussing two of the issues found during the review. It is important to note that these issues are medium severity and have already been mitigated. For details, please see INTEL-SA-01010 and INTEL-SA-01073.

If you are interested in the technical details of this effort, have a look at the technical paper we collaborated on with Microsoft.

This is just another great example of how Intel product security assurance works to build the most robust and secure products to help protect customers and their data.

Cheers,

Jerry Bryant
Sr. Director, Incident Response and Security Communications
Intel Product Assurance and Security (IPAS)

About the Author
Intel Product Assurance and Security (IPAS) is designed to serve as a security center of excellence – a sort of mission control – that looks across all of Intel. Beyond addressing the security issues of today, we are looking longer-term at the evolving threat landscape and continuously improving product security in the years ahead.