Software Security Guidance
Resources and recommendations for developers and systems experts looking to understand potential vulnerabilities, assess risk, and build more secure solutions.
Your Source for Software and Software-Enabled Hardware Security Information
Explore guidance for securing your systems, writing more secure code, and understanding the impact of side channel vulnerabilities.
Featured Security Guidance
| CVSS | Title | CVE (If Applicable) | INTEL-SA (If Applicable) | Disclosure Date or Posting Date |
|---|---|---|---|---|
| 6.0 | Stale Data Read from Legacy xAPIC | CVE-2022-21233 | INTEL-SA-00657 | 2022-08-09 |
| 5.5 |
|
CVE-2022-26373 | INTEL-SA-00706 | 2022-08-09 |
| 4.7 | Return Stack Buffer Underflow | CVE-2022-28693 CVE-2022-29901 |
INTEL-SA-00702 INTEL-SA-00707 |
2022-07-12 |
| 6.1 | Processor MMIO Stale Data Vulnerabilities | CVE-2022-21123 CVE-2022-21125 CVE-2022-21127 CVE-2022-21166 |
INTEL-SA-00615 | 2022-06-14 |
| n/a | Frequency Throttling Side Channel Guidance for Cryptography Implementations | n/a | n/a | 2022-06-14 |
| n/a |
Data Operand Independent Timing Instruction Set Architecture Guidance | n/a | n/a | 2022-05-10 |
| 4.7 | 2022-03-08 |
Check Affected Processors
Evaluate the impact of transient execution attacks from 2018 through today on Intel® CPUs to determine the recommended way to stay protected from potential attacks.
Actions to Take
Take these steps to assess risk and determine mitigations.
Read a detailed overview of the microcode update (MCU) process on current Intel® processors, including points when microcode may be loaded and guidelines for microcode updates.
Spectre and Meltdown Checker Script
This resource can help you check if a system is potentially vulnerable to transient execution attacks. It supports several open-source operating systems and looks for vulnerabilities on a variety of platforms.
Understand SRBDS Mitigation Impact on Intel® Secure Key
Learn how mitigations for special register buffer data sampling (SRBDS) affect the behavior of the RDRAND and RDSEED instructions that are key to the Intel® Secure Key digital random number generator.
Security Best Practices for Side Channel Resistance
Follow advice for developers and system administrators to help provide a solid foundation to maximize an application or system's resistance to side channels.
Software Security In Depth
Read detailed analysis and mitigations for Intel-supported issues.
Security Information
Learn more about Intel's commitment to security.
Vulnerability Management at Intel
Intel has sophisticated systems to address security vulnerabilities in Intel products, led by the Product Security & Incident Response Team (PSIRT). Learn more about vulnerability handling and disclosure processes.
Report a Security Vulnerability
If you believe you've found a security vulnerability in an Intel product or solution, notify us through the Intel Bug Bounty Program, and work with Intel to mitigate and coordinate disclosure of the vulnerability.
Watch this video to find out what you can expect when participating in the Intel Bug Bounty Program.
产品和性能信息
性能因用途、配置和其他因素而异。请访问 www.Intel.cn/PerformanceIndex 了解更多信息。
英特尔® 技术的功能和优势取决于系统配置,并且可能需要启用硬件、软件或服务才能激活。实际性能可能因系统配置的不同而有所差异。没有任何产品或组件能够做到绝对安全。请咨询您的系统制造商或零售商,或者访问 Intel.cn 了解更多信息。