Google-Intel Security Audit Reveals Severe TDX Vulnerability Allowing Full VM Compromise

A joint security audit conducted by Google and Intel on Intel Trust Domain Extensions (TDX) — a confidential computing technology isolating virtual machines from hypervisors — uncovered a severe vulnerability capable of enabling full compromise of a protected guest VM. TDX is widely deployed across cloud providers to offer hardware-enforced isolation for sensitive workloads running on shared infrastructure, making the flaw significant for cloud operators and tenants alike. The vulnerability was disclosed via coordinated responsible disclosure with Intel, and a patch has been made available according to SecurityWeek's reporting.

Key Takeaways

• Intel TDX (Trust Domain Extensions) vulnerability discovered during a Google-Intel joint security audit — severity rated as allowing full guest VM compromise from outside the guest
• TDX is used in cloud confidential computing deployments on x86 hardware to protect sensitive workloads against untrusted hypervisors; affected platforms include major public clouds
• Patch issued via coordinated disclosure; cloud operators running TDX-enabled instances should verify patch status and apply Intel firmware and hypervisor updates

Original source: SecurityWeek