8 New Spectre Security Flaws Found in Intel CPUs, One Variant More Critical Than Any Before

Written by Jon Sutton on Thu, May 3, 2018 3:29 PM

Intel’s woes with Spectre continue to unfold, some five months after the CPU flaw was made public. Several groups of researchers have now discovered no less than eight new Spectre variant vulnerabilities, including four that have been classified as critical flaws.

The new flaws have collectively been dubbed Spectre NG, and each of the eight security holes in Intel CPUs will require their own patches in order to fix. They can be exploited from a host machine through running a Virtual Machine (VM). Fundamentally they’re the same security vulnerabilities as previous Spectre flaws, just variants on a theme.

The four high-risk Spectre NG vulnerabilities are classified as the most dangerous and could pose a serious threat to servers and hosting providers. Basically, anywhere that houses multiple services within a single server container. Those looking to exploit could exploit the Intel CPU to access outside of their container and potentially retrieve secure data from the host machine.

One of the Spectre NG vulnerabilities is allegedly more dangerous than any Spectre flaw before. German tech site Heise says “Specter NG gaps simplifies cross-system attacks so much that we are much more aware of the threat potential than Specter.” Passwords and access keys are cited as the items most at threat, particularly within machines running cloud services.

For the average end user, the threat is thankfully fairly low. It’s not the easiest task to gain access to a machine locally and there are far easier ways for hackers to go about extracting data from standard PC users. It will mean further patches are going to be necessary, although the first round of Meltdown and Spectre fixes didn’t prove to be quite the performance hit that had been scaremongered at the time.

Heise reports that Intel is planning two waves of patches; the first is planned for May, while the second is scheduled for August. Intel is also working with operating system providers in order to work on their own fixes and preventative measures.

It doesn’t look as if AMD is getting away with this scot-free either. Heise reckons that at least AMD processors using the ARM architecture could be vulnerable, although further research on this is going to be required.

Spectre continues to be the rash that just doesn’t fade away for Intel, and it looks as if this is probably won’t be the last we hear of this long-running issue.

Source: Guru3D

Thanks to ENTLVL820m for bringing this to my attention!

Login or Register to join the debate

Rep
55
Offline
18:22 May-04-2018

This just keeps getting better and I am saying this even after watching Avengers: Infinity War!

0
Rep
29
Offline
06:00 May-04-2018

burn intel burn

1
Rep
386
Offline
admin approved badge
06:10 May-04-2018

Why?

3
Rep
29
Offline
19:32 May-04-2018

They held back cpu advancement for 5 years only releasing slightly better cpu's each generation because they knew AMD wasnt doing anything about it. They used shady business tactics in the past.They fired my sisters boyfriend for no reason.

0
Rep
386
Offline
admin approved badge
20:58 May-04-2018

AMD did the same during the K7 and K8 era... K6 was milked as well... -> K6, K6-2, K6-3...


And yeah they used ****ty tactics, I'm NOT a fan of it either, but all companies do that to a certain extent, even AMD, they paid and sponsored tech of tomorrow to say good things about Ryzen or was it, Vega, nvm which, and he spoke out about it, so that means neither Intel, nor Nvidia has done that with him...

2
Rep
386
Offline
admin approved badge
21:00 May-04-2018

Also, Intel's management is that of a retarded autist that can't clap his hands... every time they need to save money, instead of optimizing their staff and tasks, they just fire people just like that... so if anybody ever gets fired from intel for no reason, they are cutting costs, does NOT matter if one is doing one's job correctly. Intel has been overhiring people for years now and that's why they just default to the easiest cost savings -> firing people...

-1
Rep
5
Offline
00:45 May-05-2018

please refrain from using retard because I actually am retarded and have autism but other then that thanks mate love your emotionally charged comments

0
Rep
94
Offline
19:51 May-05-2018

To be honest, if AMD didn't do something to beat intel, why would intel do the best of the best? That could mean that they won't produce anything good after that for many years, meaning that they won't make any profit. Slow and steady wins the race. It's not about technology, it's business tactics, keeping the company alive with profit. Can't blame them.

1
Rep
386
Offline
admin approved badge
21:19 May-05-2018

I do NOT know how me using or NOT using a word will change your condition, but oh well...


when someone says retard one means someone who can barely function and you are NOT only functioning, but you are even on a computer writing a comment...

1
Rep
97
Offline
admin approved badge
23:08 May-03-2018

Everything is sketchy now.

0
Rep
-25
Offline
20:04 May-03-2018

where are the intel fans at now where they at lol

0
Rep
33
Offline
admin approved badge
20:42 May-03-2018

Probably reading your post?

5
Rep
4
Offline
admin approved badge
18:20 May-03-2018

i don't even care anymore, Microsoft, intel, & amd all been acting shady, downloading updates while im sleeping "security patch" almost every night, computer feel slower and slower by the day. I didn't have these issues on W7. But i can't go back so I'm stuck with 10 & 8

2
Rep
-25
Offline
20:02 May-03-2018

maybe its lack of maintenance on your part or as most advise with win 10 buy ssd

-3
Rep
386
Offline
admin approved badge
04:40 May-04-2018

You are correct. With an SSD the speed of PC as it is used and filled with new programs and files constantly barely deteriorates, with an HDD the speed falls down pretty fast as you start installing and filling it more and more.

2
Rep
45
Offline
admin approved badge
14:46 May-04-2018

Man it's got to be at least a good 4-5 months since I booted up my Windows 10 partition.

0
Rep
4
Offline
admin approved badge
00:10 May-05-2018

I got a ssd (Toshiba 256gb M.2 NVME ssd) on my win 10 laptop, with the above specs but updates felt like it was slowing the system down and that measly, everlasting windows defender. deleting files and running in the back ground.

0
Rep
94
Offline
17:50 May-03-2018

And 97 chipsets still didn't get a bios update yet..

5
Rep
57
Offline
20:17 May-03-2018

probably never will ...

4
Rep
24
Offline
13:06 May-04-2018

and it's okay cuz we ain't need no patches tbh.

0
Rep
-31
Offline
17:49 May-03-2018

Foken great!

1
Rep
3
Offline
17:28 May-03-2018

"AMD processors using the ARM architecture" witch ones exactly?
and coffelake wasn't spectre proof right and was released after it was found?

0
Rep
4
Offline
16:23 May-03-2018

Am i the only one who got tired of spectre and meltdown.. etc and stopped care?

2
Rep
386
Offline
admin approved badge
16:35 May-03-2018

Of course, NOT, the only ones who should care are public millionaires that keep all their info on their PCs or multi-million dollar companies, nobody is going to waste time and resources hacking random people...

2
Rep
133
Offline
junior admin badge
16:44 May-03-2018

No one will bother to steal my hentai collocation (lenny face)

9
Rep
386
Offline
admin approved badge
16:49 May-03-2018

exactly

0
Rep
46
Offline
17:48 May-03-2018

Upvoting for Lenny-face

5
Rep
133
Offline
junior admin badge
19:22 May-03-2018

Lol

1
Rep
15
Offline
admin approved badge
16:50 May-03-2018

That's actually not true. The thing is about hackers, they want everything they can get their hands. They don't care if you are rich or poor. No care at all.

0
Rep
386
Offline
admin approved badge
16:53 May-03-2018

Hackers have to eat too you know XD

3
Rep
15
Offline
admin approved badge
17:04 May-03-2018

Yes I am aware but I do know what I am talking about. 100% sure of myself.

0
Rep
15
Offline
admin approved badge
17:19 May-03-2018

Of course these hackers don't want just any random data. They want your financial information and if they manage to steal data from thousands if not millions of random people, it really adds up.


That is what you failed to consider.

2
Rep
386
Offline
admin approved badge
18:44 May-03-2018

People need to realize that just because there is a known exploit, it does NOT make it easy nor fast to hack, it takes lots of time and resources to hack someone, first, you have to get through the network security at the very least, which with modern routers and infrastructure alone is NOT worth the time and resources spent breaching for a random chance of some valuable information, then you have to breach the hardware protection the PC with the now known meltdown and spectre exploits which from what I've read on how to do so on some dubious sites, is many times harder than breaching the network protection and takes much more time.

4
Rep
15
Offline
admin approved badge
20:48 May-03-2018

"People need to realize that just because there is a known exploit, it does NOT make it easy nor fast to hack"


I never once suggested that I thought otherwise.

0
Rep
386
Offline
admin approved badge
20:49 May-03-2018

I know, that's why said people, NOT you in particular.

0
Rep
15
Offline
admin approved badge
21:29 May-05-2018

Fair enough.

0
Rep
116
Offline
17:33 May-03-2018

Regardless of whether you care about it or not, it's a big issue that needs to be fixed sooner rather than later.

2
Rep
4
Offline
admin approved badge
18:24 May-03-2018

well they can also group hack, instead of one person specifically, everyone on a single network (hotel,mall,coffee shop,library) or they can hack your wifi

1
Rep
386
Offline
admin approved badge
18:52 May-03-2018

yeah cracking a secure network is hard enough for it to be NOT worth it hacking a single random individual or even dozens... open wi-fi networks are obviously a bad idea.

0
Rep
133
Offline
junior admin badge
19:38 May-03-2018

never use open wifi without vpn for logins
and its hard to hack playing Hacknet which is child play it takes alot of time to hack
but in reality you have to be careful to remove tracks

0
Rep
133
Offline
junior admin badge
16:20 May-03-2018

Meltdown Sounded like some Chernobyl Shlt until i read its CPU issue
who names those bugs ?

4
Rep
94
Offline
17:54 May-03-2018

Sounds like a hardware bug where temperature sensors fail, resulting in overheating cpus, melting dies etc

4
Rep
133
Offline
junior admin badge
19:21 May-03-2018

thats the worst bug if it ever happens

2
Rep
6
Offline
16:10 May-03-2018

I think there just scaremongering us into updating to better and more up to date cpus

11
Rep
15
Offline
admin approved badge
16:34 May-03-2018

The question is, how does one find out for sure?

7
Rep
57
Offline
20:21 May-03-2018

correct me if im wrong but arent new intel cpus vulnerable too? which makes it ridiculous that intel sells new stuff without correcting issues first...

3
Rep
15
Offline
admin approved badge
21:31 May-05-2018

Perhaps this is the reason they called end-of-life support on those processors just 11 months after launch.

0

Can They Run... |

Ryzen 5 3500U 4-Core 2.1 GHz Radeon RX Vega 8 8GB
100% Yes [1 votes]
| 30FPS, Medium, 720p
Ryzen 5 3500U 4-Core 2.1 GHz Radeon RX Vega 8 10GB
| 30FPS, High, 1080p
Core i3-8100 4-Core 3.6GHz GeForce GTX 1060 3GB 16GB
100% Yes [4 votes]
| 60FPS, Ultra, 1080p
Ryzen 7 5800H 8-Core 3.2GHz GeForce RTX 3060 Mobile 32GB
100% Yes [5 votes]
| 60FPS, High, 1080p
Ryzen 7 5800H 8-Core 3.2GHz GeForce RTX 3060 Mobile 16GB
100% Yes [1 votes]
| 60FPS, High, 1080p
Core i7-4770K 4-Core 3.5GHz GeForce GTX 980 4GB 32GB
100% Yes [3 votes]
| 60FPS, High, 1080p
Ryzen 7 5800H 8-Core 3.2GHz GeForce RTX 3060 Mobile 16GB
100% Yes [2 votes]
| 60FPS, Ultra, 1080p
Core i5-10400F 6-Core 2.90GHz GeForce RTX 3060 Ti MSI Ventus 2X 8GB 16GB
100% Yes [6 votes]
| 60FPS, Medium, 1080p
Core i7-10700F 8-Core 2.9GHz GeForce GTX 970 Gigabyte G1 Gaming 4GB Edition 16GB
100% Yes [3 votes]
| 60FPS, High, 1080p
Core i5-11400F 6-Core 2.6GHz GeForce GTX 1650 Super 4GB 16GB
| 60FPS, High, 1080p
Core i7-3770 4-Core 3.4GHz GeForce GTX 1650 Super 4GB 16GB
0% No [1 votes]