Skip to main content

NEW SPECTRE (VARIANT 4) CPU FLAW DISCOVERED-INTEL, ARM, AMD AFFECTED. Security researchers from Microsoft and Google have discovered a fourth variant of the data-leaking Meltdown-Spectre security flaws impacting modern CPUs in millions of computers, including those marketed by Apple. Variant 4 comes weeks after German computer magazine Heise reported about a set of eight spectre-class vulnerabilities in Intel CPUs and a small number of ARM processors, which may also impact AMD processor architecture as well. Variants 1 and 2 (CVE-2017-5753 and CVE-2017-5715), known as Spectre, and Variant 3 (CVE-2017-5754), known as Meltdown, are three processor vulnerabilities disclosed by Google Project Zero researchers in January this year. Now, Microsoft and Google researchers have disclosed Variant 4 (CVE-2018-3639), dubbed Speculative Store Bypass, which is a similar Spectre variant that takes advantage of speculative execution that modern CPUs use to potentially expose sensitive data through a side channel. Speculative execution is a core component of modern processors design that speculatively executes instructions based on assumptions that are considered likely to be true. If the assumptions come out to be valid, the execution continues and is discarded if not. However, the speculative-execution design blunders can be exploited by malicious software or apps running on a vulnerable computer, or a nefarious actor logged into the system, to trick the CPU into revealing sensitive information, like passwords and encryption keys, stored in system memory and the kernel. Unlike Meltdown that primarily impacted Intel chips, Spectre affects chips from other manufacturers as well. Spectre and Meltdown Continues to Haunt Intel, AMD, ARM. The latest Variant 4 flaw affects modern processor cores from Intel, AMD, and ARM, as well as IBM's Power 8, Power 9, and System z CPUs—threatening almost all PCs, laptops, smartphones, tablets, and embedded electronics regardless of manufacturer or operating system. Speculative Store Bypass attack is so far demonstrated in a "language-based runtime environment." The most common use of runtimes, like JavaScript, is in web browsers, but Intel had not seen any evidence of successful browser-based exploits. Linux distro giant Red Hat has also provided a video outlining the new Spectre flaw, alongside publishing a substantial guide: Besides Variant 4, Google and Microsoft researchers have also discovered Variant 3A, dubbed "Rogue System Register Read," a variation of Meltdown that allows attackers with local access to a system to utilize side-channel analysis and read sensitive data and other system parameters. Intel has classified Variant 4 as "medium risk" because "many" of the exploits that Speculative Store Bypass attack would exploit were fixed by browsers like Safari, Edge, and Chrome during the initial set of patches. "Starting in January, most leading browser providers deployed mitigations for Variant 1 in their managed runtimes—mitigations that substantially increase the difficulty of exploiting side channels in a web browser," Intel says in its advisory. "These mitigations are also applicable to Variant 4 and available for consumers to use today." However, since there is the potential for new exploits, Intel and its partners (including PC makers and OEM system manufacturers) are releasing BIOS and software microcode updates for Variant 4 in the "coming weeks." Spectre Mitigations to Result in Another Performance Hit The mitigation will be turned off by default, providing customers the choice of whether to enable it or not. If enabled, Intel observed a performance hit of approximately 2 to 8 percent on overall scores for benchmarks like "SYSmark 2014 SE and SPEC integer rate on client and server test systems." ARM and AMD are also releasing security patches for their respective chips, with ARM saying the latest Spectre variant impacts only a small number of Arm Cortex-A cores and is mitigated with an Arm-developed firmware update. AMD also released a whitepaper, advising users to leave the fix disabled due to the inherent difficulty of performing a successful Speculative Store Bypass attack and saying: "Microsoft is completing final testing and validation of AMD-specific updates for Windows client and server operating systems, which are expected to be released through their standard update process."  "Similarly, Linux distributors are developing operating system updates for SSB. AMD recommends checking with your OS provider for specific guidance on schedules." In short, there will not be a permanent solution (rather than just mitigation) for Spectre-like exploits until Intel, and other chip makers release updated chips. So users are strongly recommended to follow good security practices that protect against malware and ensure their software is up-to-date.

NEW SPECTRE (VARIANT 4) CPU FLAW DISCOVERED-INTEL, ARM, AMD AFFECTED.


Security researchers from Microsoft and Google have discovered a fourth variant of the data-leaking Meltdown-Spectre security flaws impacting modern CPUs in millions of computers, including those marketed by Apple.


Variant 4 comes weeks after German computer magazine Heise reported about a set of eight spectre-class vulnerabilities in Intel CPUs and a small number of ARM processors, which may also impact AMD processor architecture as well.


Variants 1 and 2 (CVE-2017-5753 and CVE-2017-5715), known as Spectre, and Variant 3 (CVE-2017-5754), known as Meltdown, are three processor vulnerabilities disclosed by Google Project Zero researchers in January this year.


Now, Microsoft and Google researchers have disclosed Variant 4 (CVE-2018-3639), dubbed Speculative Store Bypass, which is a similar Spectre variant that takes advantage of speculative execution that modern CPUs use to potentially expose sensitive data through a side channel.


Speculative execution is a core component of modern processors design that speculatively executes instructions based on assumptions that are considered likely to be true. If the assumptions come out to be valid, the execution continues and is discarded if not.


However, the speculative-execution design blunders can be exploited by malicious software or apps running on a vulnerable computer, or a nefarious actor logged into the system, to trick the CPU into revealing sensitive information, like passwords and encryption keys, stored in system memory and the kernel.


Unlike Meltdown that primarily impacted Intel chips, Spectre affects chips from other manufacturers as well.


Spectre and Meltdown Continues to Haunt Intel, AMD, ARM.


The latest Variant 4 flaw affects modern processor cores from Intel, AMD, and ARM, as well as IBM's Power 8, Power 9, and System z CPUs—threatening almost all PCs, laptops, smartphones, tablets, and embedded electronics regardless of manufacturer or operating system.


Speculative Store Bypass attack is so far demonstrated in a "language-based runtime environment." The most common use of runtimes, like JavaScript, is in web browsers, but Intel had not seen any evidence of successful browser-based exploits.


Linux distro giant Red Hat has also provided a video outlining the new Spectre flaw, alongside publishing a substantial guide:


Besides Variant 4, Google and Microsoft researchers have also discovered Variant 3A, dubbed "Rogue System Register Read," a variation of Meltdown that allows attackers with local access to a system to utilize side-channel analysis and read sensitive data and other system parameters.


Intel has classified Variant 4 as "medium risk" because "many" of the exploits that Speculative Store Bypass attack would exploit were fixed by browsers like Safari, Edge, and Chrome during the initial set of patches.


"Starting in January, most leading browser providers deployed mitigations for Variant 1 in their managed runtimes—mitigations that substantially increase the difficulty of exploiting side channels in a web browser," Intel says in its advisory. "These mitigations are also applicable to Variant 4 and available for consumers to use today."





However, since there is the potential for new exploits, Intel and its partners (including PC makers and OEM system manufacturers) are releasing BIOS and software microcode updates for Variant 4 in the "coming weeks."


Spectre Mitigations to Result in Another Performance Hit


The mitigation will be turned off by default, providing customers the choice of whether to enable it or not. If enabled, Intel observed a performance hit of approximately 2 to 8 percent on overall scores for benchmarks like "SYSmark 2014 SE and SPEC integer rate on client and server test systems."


ARM and AMD are also releasing security patches for their respective chips, with ARM saying the latest Spectre variant impacts only a small number of Arm Cortex-A cores and is mitigated with an Arm-developed firmware update.


AMD also released a whitepaper, advising users to leave the fix disabled due to the inherent difficulty of performing a successful Speculative Store Bypass attack and saying:


"Microsoft is completing final testing and validation of AMD-specific updates for Windows client and server operating systems, which are expected to be released through their standard update process." 






"Similarly, Linux distributors are developing operating system updates for SSB. AMD recommends checking with your OS provider for specific guidance on schedules."





In short, there will not be a permanent solution (rather than just mitigation) for Spectre-like exploits until Intel, and other chip makers release updated chips. So users are strongly recommended to follow good security practices that protect against malware and ensure their software is up-to-date.


Comments

Popular posts from this blog

Escaped Murder Suspect Finally Arrested in Yumbe Regional Referral Hospital, Yumbe District.

Story by Osuta Yusuf. 19-November-2024. 📸: Eyotre Kennedy handcuffed on bed while receiving medication this morning at Yumbe Regional Referral Hospital in Yumbe District. Eyotre Kennedy originating from Etoko village, Nyoroo Parish, Nyadri Sub-county in Maracha District who has for many years been terrorizing residents in his village, has finally been arrested this Monday morning 19-November-2024 while receiving treatment at Yumbe Regional Referral Hospital in Yumbe District following injuries he sustained from Theft mission on Saturday night 16-November-2024 in Owapi village, Azapi parish in Odupi Sub-county, Terego East Constituency in Terego District. Click here on the link  https://informationispowah.blogspot.com/2024/11/fugitive-who-chopped-3-people-killed.html   to read the story on his Theft of Goats in Terego. Upon getting cut on the finger and leg by the Mob as he attempted to fight and overpower owner of the goats he attempted to steal on Saturday night ...

41-Years-Old Man Digs His Own Grave in Maracha District.

Story by Osuta Yusuf.  Maracha District.  📸: The grave been dug by Mr Opiga Michael, a victim of frustration. Photo taken by Osuta Yusuf , on Wednesday 11-September-2024. The residents of Ebapi village, Baria Parish in Nyadri Sub-county, Maracha east constituency, Maracha District are in shock after a 41 year old man started digging his own grave. The man, identified as Mr Opiga Michael, who seems to be frustrated over some challenges in life, started digging his own grave on Tuesday 10-September-2024 until he was stopped by the elders in Nyaria clan. 📸: Opiga Michael, the Victim of Frustration. Photo by Osuta Yusuf , Information is Power. While speaking to our reporter on Wednesday evening 11-September-2024, Mr Opiga Michael, said, his main plan  was to commit suicide after finishing digging the grave for burying himself, explained that, he feels frustrated, abandoned and hated by his own clan people, whom he accused of piling lies against him a...

Wedded Ayivu West MP Lematia John Fights Over Another Woman.

  📸: Hon Lematia John. By URN. Police in Arua district are investigating a case of assault and threatening violence involving the Member of Parliament for Ayivu West Constituency John Lematia and James Ariko, a DSTV technician in Arua city. Drama ensued on Easter Sunday 31-3-2024 at Dream Land Hotel located at Kuluva trading center along Arua-Nebbi highway in Arua district when the legislator and the technician engaged in a fight reportedly over a woman identified as Faith Eyotaru 25, a relationship officer at Victoria University Kampala. The scuffle started after Ayivu West Mp John Lematia went to swim at Dreamland Hotel with Faith Eyotaru only to find Ariko, who had gone to the same hotel earlier. However, upon seeing the duo coming out of the vehicle, Ariko confronted Lematia with both men claiming to be having a relationship with the lady. It took the intervention of the staff at the hotel who intervened and separated the fight between the men. Josephine Angucia, the West Nil...