Google and Microsoft are out with details on yet another Spectre like CPU flaw which is documented in CVE-2018-3639. It is similar to the other Spectre flaws as it stems from speculative execution. This is a technique that modern chips use to optimize their performance by making assumptions about upcoming operations. In this case if the CPU begins a process that doesn’t take place, then it should unwind and delete all of the related data. But sometimes it doesn’t do that which means that someone could get access to that data and here we are talking about it.
Intel has said that the fixes it has already deployed for other variants of this flaw should make this more difficult to exploit. And new fixes are on the way. But they may impact performance. Thus they will be off by default because the risk level is low. But the risk exists so you should expect to see some action on this front in the near future.
Like this:
Like Loading...
Related
This entry was posted on May 22, 2018 at 10:46 am and is filed under Commentary with tags Intel, Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Oh Noes! Even More Spectre Like CPU Flaws Found
Google and Microsoft are out with details on yet another Spectre like CPU flaw which is documented in CVE-2018-3639. It is similar to the other Spectre flaws as it stems from speculative execution. This is a technique that modern chips use to optimize their performance by making assumptions about upcoming operations. In this case if the CPU begins a process that doesn’t take place, then it should unwind and delete all of the related data. But sometimes it doesn’t do that which means that someone could get access to that data and here we are talking about it.
Intel has said that the fixes it has already deployed for other variants of this flaw should make this more difficult to exploit. And new fixes are on the way. But they may impact performance. Thus they will be off by default because the risk level is low. But the risk exists so you should expect to see some action on this front in the near future.
Share this:
Like this:
Related
This entry was posted on May 22, 2018 at 10:46 am and is filed under Commentary with tags Intel, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.