Software Security Guidance
Resources and recommendations for developers and systems experts looking to understand potential vulnerabilities, assess risk, and build more secure solutions.
Your Source for Software and Software-Enabled Hardware Security Information
Explore guidance for securing your systems, writing more secure code, and understanding the impact of side channel vulnerabilities.
Featured Security Guidance
| CVSS | Title | CVE (If Applicable) | INTEL-SA (If Applicable) | Disclosure Date or Posting Date |
|---|---|---|---|---|
| 6.0 | Stale Data Read from Legacy xAPIC | CVE-2022-21233 | INTEL-SA-00657 | 2022-08-09 |
| 5.5 |
|
CVE-2022-26373 | INTEL-SA-00706 | 2022-08-09 |
| 4.7 | Return Stack Buffer Underflow | CVE-2022-28693 CVE-2022-29901 |
INTEL-SA-00702 INTEL-SA-00707 |
2022-07-12 |
| 6.1 | Processor MMIO Stale Data Vulnerabilities | CVE-2022-21123 CVE-2022-21125 CVE-2022-21127 CVE-2022-21166 |
INTEL-SA-00615 | 2022-06-14 |
| n/a | Frequency Throttling Side Channel Guidance for Cryptography Implementations | n/a | n/a | 2022-06-14 |
| n/a |
Data Operand Independent Timing Instruction Set Architecture Guidance | n/a | n/a | 2022-05-10 |
| 4.7 | 2022-03-08 |
Check Affected Processors
Evaluate the impact of transient execution attacks from 2018 through today on Intel® CPUs to determine the recommended way to stay protected from potential attacks.
Actions to Take
Take these steps to assess risk and determine mitigations.
Read a detailed overview of the microcode update (MCU) process on current Intel® processors, including points when microcode may be loaded and guidelines for microcode updates.
Spectre and Meltdown Checker Script
This resource can help you check if a system is potentially vulnerable to transient execution attacks. It supports several open-source operating systems and looks for vulnerabilities on a variety of platforms.
Understand SRBDS Mitigation Impact on Intel® Secure Key
Learn how mitigations for special register buffer data sampling (SRBDS) affect the behavior of the RDRAND and RDSEED instructions that are key to the Intel® Secure Key digital random number generator.
Security Best Practices for Side Channel Resistance
Follow advice for developers and system administrators to help provide a solid foundation to maximize an application or system's resistance to side channels.
Software Security In Depth
Read detailed analysis and mitigations for Intel-supported issues.
Security Information
Learn more about Intel's commitment to security.
Vulnerability Management at Intel
Intel has sophisticated systems to address security vulnerabilities in Intel products, led by the Product Security & Incident Response Team (PSIRT). Learn more about vulnerability handling and disclosure processes.
Report a Security Vulnerability
If you believe you've found a security vulnerability in an Intel product or solution, notify us through the Intel Bug Bounty Program, and work with Intel to mitigate and coordinate disclosure of the vulnerability.
Watch this video to find out what you can expect when participating in the Intel Bug Bounty Program.
Product and Performance Information
Performance varies by use, configuration and other factors. Learn more at www.Intel.com/PerformanceIndex.
Features and benefits in Intel® technologies depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at Intel.com.
Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors.
Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more complete information visit www.intel.com/benchmarks.
Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available updates.
The products and services described may contain defects or errors known as errata which may cause deviations from published specifications. Current characterized errata are available on request.
Intel provides these materials as-is, with no express or implied warranties.