All Intel processors from 2015 to 2022 are affected by a vulnerability called “Downfall”. Attackers can grab sensitive information from other users on a computer like password, encryption keys and personal data. Google found this flaw nearly a year ago and reported is to Intel.
The flaw is in the processor’s memory optimization and makes unintended internal hardware register accessible by software. This can be used on multi-user computer to get information from other users. On single-user computer malicious applications or apps can use this flaw. Another scenario is to attack cloud-computer that are located on the same physical infrastructure. So, nearly all computer users are affected.
Antivirus software cannot detect this kind of attack. So, patching is the only solution for this situation.
Intel provides fixes for their processor’s firmware, but they have to be distributed by the device manufactures. They will create tailored patches for their devices based on the code provided by Intel. So, this can take some time.
Some information from Intel:
https://www.intel.com/content/www/us/en/developer/topic-technology/software-security-guidance/processors-affected-consolidated-product-cpu-model.html?wapkw=Downfall
https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/advisory-guidance/gather-data-sampling.html?wapkw=downfall
Some further information:
