Jump to content
Login new information ×
Login new information
  • Security & Privacy News

    On Windows Patch day, Google helped Intel improve a major security feature on its CPUs

    Karlston

    By Karlston,
    Published Date:

    • 1 comment
    • 250 views
    • 2 minutes
     Share
    • 1 comment
    • 250 views
    • 2 minutes

    Intel today, on Windows Patch Tuesday, released new findings from a joint security review with Google, highlighting its ongoing work to strengthen Intel Trust Domain eXtensions (Intel TDX). This confidential computing technology is designed to protect sensitive workloads, even in hostile environments.

     

    Confidential computing is a critical safeguard for cloud and multi-tenant enterprise systems. Billions of users depend on hardware-based protections to keep data secure against compromised hypervisors or malicious insiders. Intel TDX enables Confidential Virtual Machines (CVMs), also called Trust Domains (TDs), which enforce confidentiality and integrity at the hardware level. Google Cloud, a major partner in testing and improving these protections, offers Confidential VMs built on Intel Xeon CPUs. Microsoft is also an Intel partner, providing CVMs on Azure.

     

    Intel introduced TDX to extend the hardware root of trust into virtualized environments. By isolating workloads inside CVMs, TDX ensures that even privileged software layers cannot access protected data. The technology spans hardware, firmware, and software, and is developed under Intel’s Security Development Lifecycle (SDL). This process includes early threat modeling, detailed design and code analysis, and ongoing risk mitigation throughout product development.

     

    The latest collaboration focused on Intel TDX Module 1.5, which governs high-level TDX functions. Over five months in 2025, Google’s Cloud Security team worked with Intel’s INT31 research group to examine two advanced features:

     

    • Live Migration: allowing a Trust Domain to move between host platforms while running.
    • TD Partitioning: enabling nested VMs inside TDs.

     

    Google engineers employed manual code reviews, custom bug-finding tools, and off-the-shelf AI, including Gemini pro, to analyze the module. Their work uncovered five vulnerabilities and flagged 35 additional weaknesses and improvement suggestions. All five vulnerabilities have since been patched in the latest release of Intel TDX Module code.

     

    Thus workloads running on Google Cloud Confidential VMs backed by Intel TDX will now benefit from these new enhancements.

     

    Source

    Hope you enjoyed this news post. Feedback welcome.

    Posted Wednesday 11 February 2026 at 11:55 am AEST (my time).

    News posts: 2023 5,800+ | 2024 5,700+ | 2025 5,700+ | 2026 (to end of January) 461

    RIP Matrix

     Share
    Go to news

    User Feedback

    Recommended Comments

    Tzcon

    As long as intel CPU's have the so called "Management Engine", they are compromised, no matter what Googly-eyed freaks put into them. And I'm not sure Adios My Dineros is any better.

    Link to comment
    Share on other sites


    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...