Intel says its upcoming Tiger Lake mobile CPUs will be the first to use its anti-malware Control-flow Enforcement Technology
We have been hearing about Intel’s new anti-malware Control-flow Enforcement Technology or CET for a long time and now we get to use it. Intel today announced that it will be shipping its new Tiger Leak smartphone chips with built-in CET security feature. The Tiger Lake smartphone CPU is supposed to be launched by the end of 2020 and will have the CET, which stands for Control-flow Enforcement Technology to protect users against malware.
Intel has been working on the CET tech since 2016. The CET runs by controlling the flow. Any malware that runs on any devices hijacks the control flow, and insert its malicious code to run in the context of another app. CET tech doesn’t allow that to happen through two security tools called shadow stack, and indirect branch tracking. Shadow stack will ensure that no unauthorized changes take place in an app’s intended execution order while the indirect branch will restrict any App’s ability to use CPU “jump tables.”
Intel says that if these two, the App execution flow and the ability to jump tables are controlled within the CPU itself, no malware can be executed. Since Intel revealed its first specifications for CET, Glibc and Microsoft have already taken steps to include it. Microsoft has already incorporated the CET tech in the Windows 10 insiders build as a tool called Hardware-enforced Stack Protection.
With Intel making the move to bring the CET tech to Tiger Lake mobile CPU’s, pretty soon we may have all CPUs running CET and minimizing the rampant malware infection problems.