New Spectre Attack Surfaces as Intel Rolls Out New Patch Schedule

A new exploit related to the Spectre attacks we’ve been cataloguing since the beginning of the year has arrived, and Intel has a new plan for dealing with these events as they continue to periodically pop up. As has been the case with previous Spectre attacks, this new variant targets the behavior of microprocessors engaged in speculative execution, or the practice of performing calculations that may or may not actually be used as a means of improving overall performance.

Ars Technica has written an excellent explainer on this specific exploit, which deals with speculative buffer overflow. Like a normal buffer overflow, a speculative buffer overflow attempts to write data beyond the defined boundary of an array with the goal of executing code in a memory space where it shouldn’t be. Intel CPUs are allowed to perform a speculative write to read-only memory when such an operation wouldn’t be permitted under normal conditions, because it’s assumed that the speculative execution will only be used in the event it’s actually needed. Otherwise, this information and the operations based on it will be discarded — and because the data will ultimately be discarded, strict security protocols weren’t enforced on it. Previous Spectre exploits have focused on speculative reads; this new paper illustrates that speculative writes are also vulnerable.

The good news is, there are various mitigation techniques that can be deployed to resolve this issue. Because this flaw involves attempting to speculatively write data into an invalid array location, one potential solution is to first test array elements to ensure they exist before attempting to write them. There are also techniques for protecting against conventional buffer overflows that can be leveraged against speculative ones. In short, this new iteration of Spectre isn’t a reason to flee for the hills — it’s another example of how Spectre isn’t one attack, but an entire class of them that attackers can leverage in many different ways.
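To make the array-write mitigation concrete, here is an added example (not from the article or the paper it covers) of one such technique, branchless index masking, the approach behind the Linux kernel's `array_index_nospec()`. The function names `index_mask` and `store_masked` and the sample buffer are hypothetical, and the code assumes array sizes no larger than `LONG_MAX` and a GCC- or Clang-style compiler.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>

#define LONG_BITS (sizeof(long) * CHAR_BIT)

/* All-ones when idx < size, zero otherwise, computed without a branch.
 * Assumes size <= LONG_MAX and an arithmetic right shift of signed long
 * (true for GCC and Clang). */
static unsigned long index_mask(unsigned long idx, unsigned long size)
{
    unsigned long mask =
        (unsigned long)(~(long)(idx | (size - 1UL - idx)) >> (LONG_BITS - 1));
#if defined(__GNUC__)
    /* Keep the compiler from turning the mask back into a branch. */
    __asm__ volatile("" : "+r"(mask));
#endif
    return mask;
}

/* Bounds-checked store. Returns 0 on success, -1 if idx is out of range. */
static int store_masked(uint8_t *buf, size_t len, size_t idx, uint8_t val)
{
    if (idx >= len)
        return -1;
    /* If the branch above is mispredicted, idx is forced to 0 here, so the
     * speculative store still lands inside buf. */
    idx &= index_mask(idx, len);
    buf[idx] = val;
    return 0;
}

int main(void)
{
    uint8_t buf[8] = {0};               /* constructed sample buffer */
    int ok  = store_masked(buf, sizeof buf, 3, 0xAA);
    int bad = store_masked(buf, sizeof buf, 8, 0xBB);
    return (ok == 0 && bad == -1 && buf[3] == 0xAA) ? 0 : 1;
}
```

The mask is a data dependency rather than a prediction, so the index used by the store is in range on both the architectural and the speculative path.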

Intel is moving to its own new strategy for disclosing Spectre-related flaws. Rather than dropping security updates at irregular intervals, The Register reports that Intel will instead adopt a similar strategy to Microsoft’s and will release quarterly updates. Quarterly Patch Tuesday, in other words. The company would still work behind the scenes with OEMs, Microsoft, and other companies to make certain patches were ready for deployment — this synchronization is intended to simplify the rollout schedule and not drag it out over a longer period of time. Based on how much confusion there was around the Meltdown and Spectre patches (and even in the newsroom, there were questions about exactly which systems and architectures had been patched at any given moment, since some patches had to be pulled and then reissued), a more measured system would be welcome.

Intel has also promised that fixes to Spectre are coming in hardware with future product launches, but we don’t know when those platforms will be available or exactly what form the fixes will take — especially when new flaws are still being found.
