TSX Asynchronous Abort Advisory, INTEL-SA-00270, Disclosed November 11, 2019


Product Information & Documentation



On November 11, 2019, Intel publicly disclosed a potential security vulnerability in Intel® Transactional Synchronization Extensions (TSX) Asynchronous Abort (TAA). Some Intel® Processors may allow information disclosure. Intel has released firmware updates to mitigate this potential vulnerability.

TSX Asynchronous Abort (TAA) relies on TSX. Systems that don't use TSX are not impacted by TAA.

Intel’s prior microcode mitigations for Microarchitectural Data Sampling (MDS) already help address TAA. MDS is a sub-class of previously disclosed speculative execution side channel vulnerabilities. For processors with hardware mitigations against MDS, a new microcode is available to help address TAA.

This vulnerability has been classified as medium severity (6.5) per the industry standard CVSS, and it’s important to note that there are no reports of any real-world exploits of this vulnerability.

Affected products:
A list of impacted products can be found here along with the updated MCU version needed to address this vulnerability.

Intel recommends that users of the affected Intel® Processors, contact their system provider to obtain the latest firmware version that addresses these issues.

To identify the microcode version on your system and determine if an update is needed from your system manufacturer, follow the steps provided here.

Intel encourages everyone to keep their systems up to date, as it's one of the best ways to stay protected.

Further technical details of the vulnerabilities can be found in the Intel Security Center, INTEL-SA-00270.

If you need further assistance, please contact Intel Customer Support.

General questions & answers:

Click or the question for details:

What is Intel® Transactional Synchronization Extensions (TSX)? Transactional Synchronization Extensions (TSX-NI) is an extension to the x86 instruction set architecture (ISA) that adds hardware transactional memory support, speeding up execution of multi-threaded software.
If a product doesn't support TSX is it still affected? No, TAA relies on TSX.
Is Intel aware of any real-world usage of these new security issues? No. Intel isn't aware of any reported real-world exploits based on MDS or TAA.
The microcode version on my system is less than the version required per the Microcode Guidance Document, what should I do? Updated microcode has been provided to system manufacturers. Please contact your system manufacturer to obtain the updated microcode.