Due to incomplete documentation from Intel, the debugging interface for its chips was not implemented correctly by operating system vendors, which resulted in a security vulnerability. The issue affects most operating systems out there, including Windows, macOS, FreeBSD, and multiple Linux distributions.
From Ring 3 To Ring 0
The CERT Coordination Center has blamed Intel for incomplete documentation for its MOV SS and POP SS interrupt/exception instructions. The MOV SS and POP SS instructions inhibit interrupts, data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction.
The issues seems to be that by misinterpreting Intel’s incomplete documentation for these instructions, the OS vendors were allowing instructions such as SYSCALL, SYSENTER, INT 3, and others that transfer control to the operating system at Current Privilege Level (CPL) < 3 to follow the MOV SS and POP SS instructions.
This would result in an unexpected behavior by allowing Ring 3 user-level applications to control the kernel Ring 0 system level. In other words, malicious apps would be able to gain control of lower-level components of the system to bypass other security protections and steal sensitive memory information.
Most OS vendors have already issued their patches to users, so you should check for updates on your operating systems and apply them as soon as possible to remain protected against this threat.
We’ve seen quite a few security bugs affecting Intel’s chips and firmware in the past year or so. The most likely explanation for this avalanche of reports is that security researchers have started taking a better look at the security of these processors, with a focus on Intel because of its market dominance.
We can also assume that because the Meltdown and Spectre flaws were first privately revealed to the OS vendors, the OS vendors have begun proactively digging deeper on all the potential security issues coming from Intel chips. To avoid many more reports like this one, or the ongoing Spectre news, Intel will need to take its security pledge very seriously in the coming years.