Google Project Zero and Google Cloud conducted a security review of Intel's Trust Domain Extensions (TDX). TDX aims to isolate virtual machines by securing guest physical memory, limiting exposure to the hosting environment. The review was based on pre-release source code for TDX version 1.0. It identified 10 security vulnerabilities, which were fixed before the TDX feature's final release, and five additional areas for future defense-in-depth improvements. The final report highlights key issues and provides an overview of the TDX architecture. The Google Cloud security blog and the final report provide more details. Intel has made the source code available on the TDX website for independent review. The review demonstrates Google's commitment to security and highlights the importance of collaboration between vendors and security researchers. The fixed vulnerabilities enhance the security of TDX, ensuring greater protection for confidential data in virtualized environments.
googleprojectzero.blogspot.com
