A New Wave of Spectre-Class Attacks May Be Coming for Intel CPUs

A New Wave of Spectre-Class Attacks May Be Coming for Intel CPUs

Ever since Spectre and Meltdown were unveiled, there’s been the risk that future attacks might surface as well. One of the things that sets the Spectre attacks apart from Meltdown is that Meltdown targeted a specific vulnerability. The Spectre variants (Variant 1 and Variant 2) described already are two examples of how Spectre can be used to exploit side effects of speculative execution. They aren’t the only ways the trick can be deployed. And now there’s rumors that an entirely new set of disclosures is on the way.

Earlier this week, Heise.de claimed to have seen evidence that eight Spectre-class attacks will be unveiled shortly, with details already unveiled to manufacturers. Heise is referring to these as Spectre-NG (for Next Generation), and claims that it has seen details on all eight, as well as double and triple-checking the outcomes and reports. Here’s how they summarize their findings:

So far we only have concrete information on Intel’s processors and their plans for patches. However, there is initial evidence that at least some ARM CPUs are also vulnerable. Further research is already underway on whether the closely related AMD processor architecture is also susceptible to the individual Spectre-NG gaps, and to what extent.

Intel is said to be prepping its own patches with two rounds of updates scheduled for May and August, with additional patch support from Microsoft, similar to the updates that’ve already rolled out for Spectre and Meltdown. And there’s some sign from Intel that a disclosure may be imminent. A new update from Intel, that went live today, is called “Addressing Questions Regarding Additional Security Issues.” It states:

Protecting our customers’ data and ensuring the security of our products are critical priorities for us. We routinely work closely with customers, partners, other chipmakers and researchers to understand and mitigate any issues that are identified, and part of this process involves reserving blocks of CVE numbers. We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations. As a best practice, we continue to encourage everyone to keep their systems up-to-date.

This sounds like similar to language to what we heard when the disclosures around Spectre and Meltdown were pending. But before people jump to conclusions, I’d argue that what we need is calm. Earlier this year, a company named CTS-Labs decided to take some genuine security issues they found within AMD products and chain them to disclosure practices and reports that actively attempted to hijack AMD’s stock price to make money for a particular investment firm. In the process, CTS-Labs demonstrated exactly how important it is that security disclosures remain focused on providing factually accurate understandings of security risks first and foremost, with discussion of underlying financial ramifications or even conclusions about the underlying products themselves handled separately.

A New Wave of Spectre-Class Attacks May Be Coming for Intel CPUs

As soon as news broke of what Spectre was, it was clear we’d be cleaning up this mess for a long time to come. So far, between Apple, ARM, Intel, and AMD, Intel has been the most directly exposed by Spectre and Meltdown, partly because of the nature of its CPU designs, partly because of its market position. We don’t know how, or if, the next round of disclosures will change these rankings. We don’t know how serious the flaws will collectively be.

Normally, I don’t put such an emphasis on pointing out what we don’t know, but the CTS debacle emphasized, at least to me, the need to treat these situations with care. Intel is obviously treading lightly on this topic, and it’s fair to be concerned about the situation — but we’d stick with “concern” for now, until more details come to light.

Continue reading

VIA Technologies, Zhaoxin Strengthen x86 CPU Development Ties
VIA Technologies, Zhaoxin Strengthen x86 CPU Development Ties

VIA and Zhaoxin are deepening their strategic partnership with additional IP transfers, intended to accelerate long-term product development.

How L1 and L2 CPU Caches Work, and Why They’re an Essential Part of Modern Chips
How L1 and L2 CPU Caches Work, and Why They’re an Essential Part of Modern Chips

Ever been curious how L1 and L2 cache work? We're glad you asked. Here, we deep dive into the structure and nature of one of computing's most fundamental designs and innovations.

Every CPU, GPU, and Console Debut This Fall Was Effectively a Paper Launch
Every CPU, GPU, and Console Debut This Fall Was Effectively a Paper Launch

Every CPU, GPU, and console launch since midsummer has effectively (if not technically) been a paper launch for the majority of consumers who wanted the hardware.

How Does Windows Use Multiple CPU Cores?
How Does Windows Use Multiple CPU Cores?

We take multi-core awareness for granted these days, but how do the CPU and operating system communicate with each other in the first place?