Eight new Spectre Variant Vulnerabilities for Intel Discovered - four of them critical





News has just started spreading that researchers have found another eight Spectre-like vulnerabilities in Intel processors; all resemble Spectre, and four of them are critical. The new vulnerabilities are grouped under the name Spectre-NG. The newly discovered vulnerabilities would make it really easy to exploit a host from a simple VM.
German c't / Heise broke the news today; the new vulnerabilities have not been made public yet. According to the report there is 'no doubt' that these are real vulnerabilities. While technical details are missing, the attack scenarios closely resemble those of the Spectre vulnerabilities.
Currently, shared hosting providers are most at risk: once you have access to your rented server container, you could exploit the processor to retrieve secure data. All eight vulnerabilities share the same design problem that "Meltdown and Spectre" detailed as well; they are, so to speak, Spectre Next Generation, ergo Spectre NG. c't mentions they have concrete information about Intel's processors and their patch plans. However, there are some indications that other processors are affected as well; at least some ARM CPUs are also vulnerable to some extent. Whether and to what extent the AMD processor architecture is vulnerable (if at all) is not yet known.
Intel is reportedly actively and nervously working on Spectre NG patches behind the scenes; other patches are being developed in collaboration with the operating system manufacturers (Microsoft / Linux etc). When exactly the first Spectre NG patches and firmware updates will become available is not yet clear. According to the information available, Intel is planning at least two patch waves: a first one should start in May; a second is currently scheduled for August. For at least one of the Spectre NG patches there is already a specific date: Google's Project Zero found one of the vulnerabilities, and on May 7 - the day before the Windows Patchday - the 90-day warning period expires. So that is likely when the first patch will be released for Microsoft Windows. Microsoft is preparing CPU patches: they appear to come in the form of optional Windows updates rather than microcode (firmware) updates. The PC motherboard and server manufacturers would probably need too long for BIOS updates.
Intel classifies four of the Spectre NG vulnerabilities as "high-risk", which in Intel language translates as: super dangerous. The danger of the other four is rated as medium. According to c't/Heise, Spectre-NG risks and attack scenarios are similar to those of Spectre - with one exception. c't calls the Intel vulnerabilities and their processors a Swiss cheese due to the many security holes.
Senior Member
Posts: 452
Joined: 2018-05-03
My god, hopefully will not hurt performance... if so that's a big blow indeed.
Senior Member
Posts: 662
Joined: 2013-11-23
Somewhere, an Intel engineer is pulling his hair off in frustration.
Senior Member
Posts: 1348
Joined: 2012-10-07
My guess is that Intel are just gonna have to neuter the branch prediction capabilities of their CPUs even more to fix this, so this is kinda worrying from a performance perspective! I've seen a 10-15% drop in CPU load required in Battlefield 1 since updating to the latest 1803 version of Windows 10, which also coincides with my Spectre protection disappearing (as Microsoft haven't released KB microcode patches yet for 1803) - so this either proves that 1803 version of Windows is a lot more CPU efficient when it comes to gaming or that Spectre protection microcodes can have a 10-15% performance cost to CPU load, in Battlefield 1 at least. The thought of an even more performance impactful microcode being released to curb these new Spectre threats is less than ideal!
Senior Member
Posts: 228
Joined: 2015-06-25
I feel sorry for those guys. This seems to fall under the old adage "Make something idiot-proof and the world just invents a better idiot", except replace idiots with very clever hackers.
Senior Member
Posts: 2759
Joined: 2014-10-20
Ouch.
Senior Member
Posts: 3114
Joined: 2011-11-24
Speculative execution. The gift that keeps on giving.
You know, I always thought computer security was really hard. I now changed my mind. It's impossible.
Senior Member
Posts: 11027
Joined: 2014-07-21
Well it is possible, just not with the design choices around. If speculative execution weren't around, we'd have decreased performance, but no patches needed (in this very single matter though).
The easiest fix for something like this is not to create any exploitable mechanism. I hope that at least in the future this won't happen again... can't wait to see if Intel's next architecture gets equally exploitable features for another 5% performance increase...

Senior Member
Posts: 137
Joined: 2016-10-11
How do you think this will affect EPYC sales?
As I see it, those new vulnerabilities month after month bring huge trouble to companies + after patches they lose performance.
Senior Member
Posts: 171
Joined: 2015-06-01
It will hurt performance for sure.
Senior Member
Posts: 8979
Joined: 2004-05-10
You know, I always thought computer security was really hard. I now changed my mind. It's impossible.
Whenever I see PC security breaches, I'm reminded of Denuvo's anti-piracy measures for PC games. There's only a brief period where the measures can work. Where there's a will, there's a way for hackers to defeat just about anything.
Here I was foolishly thinking my next CPU Zen 2 will be totally secure from these issues, and it probably will.... until the next big exploit or breach is found.
Senior Member
Posts: 6240
Joined: 2010-08-28
After patching I can expect performance similar to a Pentium 3? :p
Joking aside, this sucks!
Senior Member
Posts: 16438
Joined: 2012-05-18
You reap what you sow, or something like that. XD
Senior Member
Posts: 1692
Joined: 2013-03-10
I feel sorry for those guys. This seems to fall under the old adage "Make something idiot-proof and the world just invents a better idiot", except replace idiots with very clever hackers.
I hope they got paid well in the past when they didn't need to do much for 10 years. Now they are paying back the karma. In the end it was the businessmen who told the engineers not to do much at all, but I bet now those same businessmen are then telling the engineers to perform miracles overnight.
How do you think this will affect EPYC sales?
As I see it, those new vulnerabilities month after month bring huge trouble to companies + after patches they lose performance.
Didn't Intel report record earnings? Security is overrated. Nobody seems to care in practice.
Member
Posts: 28
Joined: 2013-06-07
What's the problem? Switch to AMD.
NSA is an Intel partner

Senior Member
Posts: 11027
Joined: 2014-07-21
Patches scheduled for May and August... I believe it when I see it.
Last time Intel gave patch dates after the big exploit they took three months longer than expected, and then you didn't get them for all the CPUs they originally claimed they'd patch. Way to go m$, quite a track record in 2017/18 so far.