Security experts at the University of Virginia and the University of California San Diego have recently detected three new variants of Spectre attacks impacting Intel processors and all modern AMD processors, which may be hard to implement but are difficult to mitigate.
It has also been disclosed that currently, no preexisting Spectre mitigation can provide security against the attacks deployed via these newly uncovered variants.
What is the Spectre vulnerability?
Spectre is a vulnerability that affects modern microprocessors that perform branch prediction.
Back in early January 2018, it was reported that Intel shared news of the Meltdown and Spectre security vulnerabilities with Chinese technology companies, before notifying the U.S. government of the flaws.
Apparently, before the publication of the reports on Intel and AMD microprocessors, the security researchers had alerted Intel and AMD to flaws that had the potential to permit malicious actors to exfiltrate data from a system.
However, for now, OS patches or microcode updates are yet to be published, and that could remain the case.
Impacting Intel and AMD
This is because of the nature of the attacks on Intel and AMD processors and their mitigations, which are complex and come with a significant caveat.
The vulnerability impacting Intel and AMD devices is speculated to be limited to direct attacks, as exploiting micro-op cache security holes is very complicated.
It is to be noted that the malware would have to bypass all other software and hardware cybersecurity protocols and measures.
For CPU makers, one of the biggest concerns will be the performance-impacting mitigation measures outlined by the researchers, including the flushing of the micro-op cache at domain crossings or privilege level-based partitioning of the caches. The paper’s authors claim this mitigation would come with a “much greater performance penalty” than those related to previous attacks.
The first of the trio of possible exploits is a same-thread cross-domain attack that leaks secrets across the user-kernel boundary. A separate variant relies on a cross-SMT thread attack that transmits secrets across two SMT threads via the micro-op cache. The paper also describes “transient execution attacks” that can be used “to leak an unauthorized secret accessed along a misspeculated path, even before the transient instruction is dispatched to execution.”