A New Wave of Spectre-Class Attacks May Be Coming for Intel CPUs
Ever since Spectre and Meltdown were unveiled, there’s been the risk that future attacks might surface as well. One of the things that sets the Spectre attacks apart from Meltdown is that Meltdown targeted a specific vulnerability. The Spectre variants (Variant 1 and Variant 2) described already are two examples of how Spectre can be used to exploit side effects of speculative execution. They aren’t the only ways the trick can be deployed. And now there’s rumors that an entirely new set of disclosures is on the way.
Earlier this week, Heise.de claimed to have seen evidence that eight Spectre-class attacks will be unveiled shortly, with details already unveiled to manufacturers. Heise is referring to these as Spectre-NG (for Next Generation), and claims that it has seen details on all eight, as well as double and triple-checking the outcomes and reports. Here’s how they summarize their findings:
So far we only have concrete information on Intel’s processors and their plans for patches. However, there is initial evidence that at least some ARM CPUs are also vulnerable. Further research is already underway on whether the closely related AMD processor architecture is also susceptible to the individual Spectre-NG gaps, and to what extent.
Intel is said to be prepping its own patches with two rounds of updates scheduled for May and August, with additional patch support from Microsoft, similar to the updates that’ve already rolled out for Spectre and Meltdown. And there’s some sign from Intel that a disclosure may be imminent. A new update from Intel, that went live today, is called “Addressing Questions Regarding Additional Security Issues.” It states:
Protecting our customers’ data and ensuring the security of our products are critical priorities for us. We routinely work closely with customers, partners, other chipmakers and researchers to understand and mitigate any issues that are identified, and part of this process involves reserving blocks of CVE numbers. We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations. As a best practice, we continue to encourage everyone to keep their systems up-to-date.
This sounds like similar to language to what we heard when the disclosures around Spectre and Meltdown were pending. But before people jump to conclusions, I’d argue that what we need is calm. Earlier this year, a company named CTS-Labs decided to take some genuine security issues they found within AMD products and chain them to disclosure practices and reports that actively attempted to hijack AMD’s stock price to make money for a particular investment firm. In the process, CTS-Labs demonstrated exactly how important it is that security disclosures remain focused on providing factually accurate understandings of security risks first and foremost, with discussion of underlying financial ramifications or even conclusions about the underlying products themselves handled separately.
As soon as news broke of what Spectre was, it was clear we’d be cleaning up this mess for a long time to come. So far, between Apple, ARM, Intel, and AMD, Intel has been the most directly exposed by Spectre and Meltdown, partly because of the nature of its CPU designs, partly because of its market position. We don’t know how, or if, the next round of disclosures will change these rankings. We don’t know how serious the flaws will collectively be.
Normally, I don’t put such an emphasis on pointing out what we don’t know, but the CTS debacle emphasized, at least to me, the need to treat these situations with care. Intel is obviously treading lightly on this topic, and it’s fair to be concerned about the situation — but we’d stick with “concern” for now, until more details come to light.
Continue reading
Plex Media Servers Being Used to Amplify DDoS Attacks
The researchers claim that a Plex server, properly utilized, can increase the size of DDoS packets by almost five times, making these attacks much more damaging. There's not much Plex users can do about it right now, either.
Cyberpunk Developer Hit with Ransomware Attack
The perpetrators claim to have swiped source code to the company's games, as well as embarrassing internal documents. All will be released unless CDPR pays up, which it says it isn't going to do.
Apple Files Lawsuit Against NSO Group for its Pegasus Spyware Attacks
Apple has announced a lawsuit against NSO Group and its parent company over its Pegasus spyware, seeking to prevent the group from using any of Apple's services and hardware in the future.
Nvidia Hit by Possible Cyber Attack
Reports indicate the attack began at the same time as the Russian incursion into Ukraine.