Software Security Guidance
This information is designed for developers and systems experts looking to understand potential vulnerabilities and assess risk, with resources and recommendations for building more secure solutions.
Featured Security Guidance
|CVSS||Issue Overview||CVE||INTEL-SA||Disclosure Date||Technical Documentation (If Applicable)|
|6.0||Stale Data Read from Legacy xAPIC||CVE-2022-21233
|4.7||Return Stack Buffer Underflow||CVE-2022-28693
|6.1||Processor MMIO Stale Data Vulnerabilities||CVE-2022-21123
|INTEL-SA-00615||2022-06-14||Processor MMIO Stale Data Vulnerabilities|
|Branch History Injection|
Check Affected Processors
Evaluate the impact of transient execution attacks from 2018 through today on Intel® CPUs to determine the recommended way to stay protected from potential attacks.
Proactively Secure Software for Intel® Processors
To develop for system security and performance, developers must understand how software works with hardware. To balance both priorities:
- Adhere to security best practices and secure coding principles as a first line of defense.
- Download the latest microcode and follow recommended mitigation guidance for known issues.
- Learn Intel hardware behavior and how software can best use that behavior and associated features.
The following documents show how to develop and secure software running on Intel processors, as well as details and options for fine-tuned control of software and hardware features according to the most up-to-date guidance.
Report a Security Vulnerability
If you believe you've found a security vulnerability in an Intel product or solution, notify us through the Intel Bug Bounty Program, and work with Intel to mitigate and coordinate disclosure of the vulnerability.
Watch this video to find out what you can expect when participating in the Intel Bug Bounty Program.
Product and Performance Information
Performance varies by use, configuration and other factors. Learn more at www.Intel.com/PerformanceIndex.
Features and benefits in Intel® technologies depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No product or component can be absolutely secure. Check with your system manufacturer or retailer or learn more at Intel.com.
Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors.
Performance tests, such as SYSmark and MobileMark, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more complete information visit www.intel.com/benchmarks.
Performance results are based on testing as of dates shown in configurations and may not reflect all publicly available updates.
The products and services described may contain defects or errors known as errata which may cause deviations from published specifications. Current characterized errata are available on request.
Intel provides these materials as-is, with no express or implied warranties.