«
»

Security Researchers Find 8 New ‘Spectre-Class’ Flaws In Intel CPUs…. Possibly ARM Too

Here we go again.

Sometime today, we’re going to get details on eight… Yes eight CPU flaws that are being dubbed “Spectre NG” or Spectre Next Generation. First, here’s the details from Reuters:

Researchers have found eight new flaws in computer central processing units that resemble the Meltdown and Spectre bugs revealed in January, a German computing magazine reported on Thursday. The magazine, called c’t, said it was aware of Intel Corp’s plans to patch the flaws, adding that some chips designed by ARM Holdings, a unit of Japan’s Softbank, might be affected, while work was continuing to establish whether Advanced Micro Devices chips were vulnerable… The magazine said Google Project Zero, one of the original collective that exposed Meltdown and Spectre in January, had found one of the flaws and that a 90-day embargo on going public with its findings would end on May 7…

“Considering what we have seen with Meltdown and Spectre, we should expect a long and painful cycle of updates, possibly even performance or stability issues,” said Yuriy Bulygin, chief executive officer of hardware security firm Eclypsium and a former Intel security researcher. “Hopefully, Meltdown and Spectre led to improvements to the complicated process of patching hardware.”

The reason why

Neowin also reports that Intel is expected to release microcode updates in two waves; one in May, and the other in August. But it also says this:

That being said, it appears that Google’s Project Zero may have discovered at least one of the eight vulnerabilities a while ago, and their stringent 90-day non-disclosure window may be very close to lapsing, perhaps as early as May 7, if sources are to be believed. After that, their policy is to publicly release information on the vulnerability, regardless of whether a fix is out.

Which means that this is about to get very real very quickly. I’ll be watching this story and I’ll be posting updates as new info comes to light.

This entry was posted on May 7, 2018 at 7:54 am and is filed under Commentary with tags . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Security Researchers Find 8 New ‘Spectre-Class’ Flaws In Intel CPUs…. Possibly ARM Too”

  1. So There’s An “Unfixable” Bug In Apple Silicon… What Does That Mean For You? | The IT Nerd Says:
    March 26, 2024 at 9:11 am

    […] PCs and Windows all the things chime in, Intel and AMD have had their share of similar issues. This one and this one come to mind. While there are mitigations that Apple could take such as trying to […]

    Reply

Leave a Reply to So There’s An “Unfixable” Bug In Apple Silicon… What Does That Mean For You? | The IT NerdCancel reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading