8 Newly Discovered Spectre-Class Vulnerabilities (Spectre-NG) in Intel Processors

New Spectre-Class Vulnerabilities Discovered in Intel CPUs

Recent revelations from a team of security researchers indicate the discovery of eight new vulnerabilities classified as “Spectre-class” in Intel processors. These vulnerabilities also extend to a limited number of ARM processors, with implications for AMD architectures still being assessed. Dubbed “Spectre-Next Generation” or “Spectre-NG,” these vulnerabilities were initially reported by German computer publication Heise, which revealed that Intel has categorized four of these vulnerabilities as “high risk” and the other four as “medium risk.”

The flaws stem from the same architectural design issues that led to the original Spectre vulnerabilities. One of the newly identified vulnerabilities, however, lets an attacker who has gained access to a virtual machine (VM) potentially target the underlying host system. This capability elevates the risk level and poses a significant threat, particularly in cloud environments. As highlighted in the report, passwords and encryption keys, often crucial for secure data transactions, are now at greater risk due to this new vulnerability.

The potential for cross-system attacks raises alarms around shared cloud infrastructure, affecting not just cloud service providers like Amazon and Cloudflare but also their clientele. Security researchers explain that these vulnerabilities can be exploited with relative ease across system boundaries, posing a new level of threat compared to previous vulnerabilities.

Mapped to the MITRE ATT&CK Matrix, adversaries could exploit these vulnerabilities through techniques associated with “initial access,” where unauthorized individuals penetrate systems to initiate attacks, and “privilege escalation,” where existing access might lead to higher-level permissions within a network. Because the vulnerabilities rely on speculative execution, attackers can extract sensitive information from a compromised system, including data that is typically protected.

While the German publication did not disclose the identities of the researchers, it noted that one weakness was identified by an analyst from Google’s Project Zero. This researcher informed Intel of the issues roughly 88 days prior, which suggests a detailed public disclosure may occur soon. It is expected around May 7, coinciding with Microsoft’s traditionally scheduled Windows Patch Tuesday.

Intel has neither confirmed nor denied the existence of the Spectre-NG vulnerabilities. In a recent statement, the company underscored its commitment to customer data protection and product security, emphasizing the importance of coordinated disclosure with vendors and researchers while reserving certain CVE numbers for tracking the vulnerabilities.

When asked for these CVE numbers, Heise declined to share them, saying that disclosing the identifiers could expose its sources. Intel is reportedly preparing to patch these vulnerabilities in planned releases, the first scheduled for May and another anticipated in August. Microsoft is also preparing to deliver patches through future updates.

As organizations brace for the release of these patches, uncertainty remains over the potential impact on system performance, reminiscent of the performance issues caused by patches for the original Spectre and Meltdown vulnerabilities. Given the escalation of cyber threats, it is imperative for business owners to remain vigilant and proactive in implementing security measures to safeguard sensitive data and ensure compliance with best practices in cybersecurity.

In light of these developments, businesses are encouraged to keep systems updated and stay informed about the latest vulnerabilities and patches as they become available, thereby bolstering their defenses against potential exploitation.
