Intel disclosed a new class of CPU speculative-execution vulnerabilities, known collectively as “L1 Terminal Fault.” This new class of vulnerabilities can occur on current and past Intel processors (from at least 2009 – 2018) when affected Intel microprocessors are speculating beyond an unpermitted data access.
By continuing the speculation in these cases, the affected Intel microprocessors expose a new side-channel for attack, allowing a malicious VM to infer data in the hypervisor and other VMs running on a core.
Our top priority is protecting and ensuring the security of your data and systems. As is our practice, VMware has been working closely with industry partners, such as Intel and others, to assess the issue and determine the most effective update and/or patch in conjunction with our partners. To learn more, please read this Knowledge Base (KB) article, which has been created as the centralized source of information for this issue. The article provides links to additional KB articles with detailed mitigation processes for each of the attack vectors identified by the L1 Terminal Fault vulnerabilities.