Intel and Google uncover critical flaws in TDX after joint security review

Google Cloud’s security team and Intel researchers carried out a focused code review of Intel’s Trust Domain Extensions, the processor-backed technology intended to isolate sensitive workloads in cloud environments. The collaboration, spanning roughly five months, combined manual audit techniques, custom tooling, and AI-assisted analysis to examine the TDX Module 1.5 implementation. Reviewers identified five security flaws that could be exploited for privilege escalation and data exposure, and they documented 35 additional bugs and weaknesses that reduce the platform’s assurance posture. One of the findings describes a migration-time weakness that can change a protected domain’s operational attributes and expose its decrypted state to a host, effectively breaking the isolation guarantees TDX is designed to provide. The team produced an extensive technical report and coordinated disclosures; Intel released fixes and a public advisory detailing the tracked vulnerabilities. This patching reduces immediate operational risk, but the discovery highlights the difficulty of securing trusted execution features in complex, multi-component stacks. Cloud providers and customers that depend on TDX for confidentiality must validate updated firmware and software builds and adjust migration policies and attestation workflows. The episode also underscores the value of third-party audits and cooperative disclosure between platform vendors and cloud operators; independent review found issues that internal processes did not catch. From an attacker perspective, migration routines and host-controlled transitions present a recurring attack surface that merits hardened checks and runtime guards. For the industry, these findings will likely accelerate scrutiny of confidential computing primitives and push developers to adopt stronger formal verification and runtime monitoring where feasible. Operational responses should include rapid deployment of Intel’s patches, reassessment of migration trust assumptions, and tighter host-side isolation controls. In the longer term, vendors and cloud operators must reconcile feature complexity with verifiability to avoid systemic risks as confidential computing becomes more widely used.