• Home
  • /News
  • /Intel Introduces SMEP for Ivy Bridge, A New Security Feature

Intel Introduces SMEP for Ivy Bridge, A New Security Feature

Integrated Function to fight against Malicious Software

AMD was the first company to introduce an integrated function inside its processor to protect the computer against malicious software. First processors to have this feature were AMD Athlon 64 processors. This famous integrated function was done through the NX bit by AMD. Likewise, Intel will now introduce an additional safety feature with the Ivy-Bridge architecture. This safety feature is intended to protect against privilege escalation.

Intel Introduces SMEP for Ivy Bridge, A Security Feature

How Supervisory Mode Execution Protection (SMEP) Works?

This additional safety feature is named as Supervisory Mode Execution Protection by Intel (SMEP). The new function is introduced to prevent insufficient justification effect on memory processes in the application. The processes are characterized by a flag (as Intel names it) and divided into four levels of permission. The four levels are level 0 to level 3. A program that is marked with flag-3, has therefore no access to the operating system or applications which have been marked with flag-2 or flag-1. The most prioritized flag will be the one with the value 0 (zero).

This feature is not yet natively supported by Windows 7. For Linux kernel 3.0, the feature is already implemented. Whether Windows 8 can handle the new instruction set is still unclear.  But this works on both 32 – and 64-bit.