Spectre Watch: More Spectre-class CPU Vulnerabilities to be Announced Soon?
by Ryan Smith on May 3, 2018 1:45 PM EST
This morning has seen an interesting turn of events in the world of processor security. c't magazine has published an exclusive report stating that they got wind of a new series of Spectre-class vulnerabilities that are currently being investigated by the greater security community, and that these vulnerabilities are going to be announced in the coming days. Meanwhile, seemingly in response to the c't article, Intel has just published their own statement on the matter, which they’re calling “Addressing Questions Regarding Additional Security Issues.”
Diving right into Intel’s announcement:
Protecting our customers’ data and ensuring the security of our products are critical priorities for us. We routinely work closely with customers, partners, other chipmakers and researchers to understand and mitigate any issues that are identified, and part of this process involves reserving blocks of CVE numbers. We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations. As a best practice, we continue to encourage everyone to keep their systems up-to-date.
For more information on how we approach product security at Intel, please see my recent blog, “Bringing the Security-First Pledge to Life with New Intel Product Assurance and Security Group.”
— Leslie Culbertson
As things are currently unfolding, this is a very similar trajectory to the original announcement of the Meltdown and Spectre vulnerabilities, in which information about those vulnerabilities was leaked and pieced together ahead of the official coordinated announcement. Philosophies on disclosure policies notwithstanding, what we eventually saw was an accelerated release of information on those vulnerabilities, and a good bit of chaos as vendors suddenly had to publish materials they were still preparing for a few days later. Intel’s early response here seems to be an effort to avoid that chaos by getting on top of things early, acknowledging the public's concerns and responding by outlining their coordinated release plans so that they can move ahead with things as planned.
Which is to say that while Intel’s announcement confirms that something is up, it doesn’t offer any concrete details about what’s going on. For that – and assuming things don’t fall apart like the Meltdown/Spectre coordination – we’re presumably going to be waiting until next week on proper details.
As for the c't report, sources point to 8 individual CVE-assigned Spectre-class attacks, which for the moment they’re calling Spectre-NG. According to the site, Intel is working on two waves of patches, with the first wave currently set to be released in May, and c't is further speculating that information on the first wave will be released just ahead of May’s Patch Tuesday. Meanwhile information on a second flaw could be released “any day now.” And while the bulk of the report focuses on Intel – as this would seem to be the information c't had at hand – the site notes that ARM looks to be impacted as well, and AMD is likely but to-be-determined.
Of particular interest, the one exploit which c't is providing any details about is another VM-host attack, which makes it a risk to cloud server hosts similar to the original Meltdown. As these customers are Intel's bread & butter from a profitability standpoint, Intel will want to move very quickly to fix the issue before it can be exploited on customers’ servers, and to soothe their customers' concerns in the process.
Overall, while the nature of the report means we can’t confirm anything about their claims, on the whole it appears sound, and these claims are consistent with prior concerns raised by security researchers. Researchers have warned as far back as the original Spectre whitepaper that Spectre is a whole class of attacks – that it would be the ghost that wouldn't go away – as new ways are found to exploit the same fundamental weakness. Similar to other pivotal vulnerability discoveries, the nature of these side-channel attacks means that they are very powerful and still new enough that they’re not very well understood. So there has been and continues to be an ongoing concern that researchers and criminals alike will continue to find ways to use side-channel attacks against speculative execution, as seems to be the case now.
Ultimately, all of this is going to put increasing pressure on all CPU vendors to definitively answer a critical question: is speculative execution fundamentally unsafe, or can it be retained while it’s made safe? As one of the cornerstones of modern high-performance processors, the answer to that could shape the face of CPUs for years to come…
dgingeri - Thursday, May 3, 2018
Yeah, great. The first time in 8 years I've managed to get a motherboard that doesn't have any problems aside from too few USB ports, and now I find out the processor is going to be dragged down in performance even more than before.
rocky12345 - Thursday, May 3, 2018
Yep when they outed these exploits I said they just opened up a can of worms. I stated that if these exploits had been on systems for all of these years and no one had ever found them before all of this took place chances are very high no one would have ever found them. I had someone tell me well maybe the reason we have had all of these attacks in the past was from these exploits in the CPU's. My reply was well hackers like to think they are 1337 and would have tried to take credit and promoted that they had just hacked crap of all cpu's ever made. Since we have never heard of any of them taking credit for that it stands to reason that they never found these exploits and would have never found them.
Now that it is all out in the open we have had a huge mess to deal with and of course every hacker in the world is now clued in and are working like busy little beavers trying to bypass all of the patches and microcode updates.
pepoluan - Thursday, May 3, 2018
> chances are very high no one would have ever found them
In your ideal world, yes. But in this world, there's a high probability that well-funded researchers of intelligence agencies and state-sponsored hacker groups have already found them.
> would have tried to take credit and promoted that they had just hacked crap of all cpu's ever made
Only for amateur hackers. Professional hackers know how to keep a secret.
> bypass all of the patches and microcode updates
Not something easy to do if done properly. Just look at all those Critical CVEs that have been fixed. Once they are fixed, nearly all of them cannot be sidestepped.
All in all, RESPONSIBLE disclosure is needed so the good guys can erect additional barriers against the bad guys.
golemB - Thursday, May 3, 2018
Yeah... pretty sure that HStewart and the Thai(?)-sounding names are Russian trolls. Casting doubt on the existence of nation-state level exploits, typical problems writing in English, overly focused on attributing corrupt motives to others. I'd say if Putin wants to waste rubles hiring these idiots to push such stupid arguments, it's better than having them doing straight political disinformation, but I also don't want the relatively high quality comment threads on AT to turn into a toxic swamp that discourages real people from participating.
Spunjji - Friday, May 4, 2018
Genuinely not sure if HStewart is a troll - I have encountered more than a few people whose comprehension is so strained that they find simple concepts troublesome and tend to assume that everyone around them is either hostile or trying to somehow fool them.
eva02langley - Friday, May 4, 2018
No, you are just mistaking them with Intel fanboys. They could be employed by Intel to spread the good word...
HStewart - Friday, May 4, 2018
Please stop speaking misinformation about me - I just have 30 years of experience in development including almost 7 years of experience in x86 assembly in the USA. I might be in my 50's and a geek with my English less than par - but surely not a Russian troll.
I used to build gaming machines but I have grown up since that. I do like Intel because if you look back they are the original producer of the x86 processor - AMD was a clone manufacturer because of requirements by IBM on the original IBM PC - of which I have one stored away in a closet.
I would say I am not an AMD fanboy because they attack people except if they are pro AMD. I don't really care if AMD fanboys support their AMD but telling others that they should support Intel is not professional.
Let's be mature here and just agree to disagree. I have a different opinion on this stuff.
Please stop with the personal attack - be professional and only discuss the topic not against the readers - unless you want this forum to become like WCCFTech.
HStewart - Friday, May 4, 2018
Stewart is my first name and H is first letter of my last name - got it.
sa666666 - Friday, May 4, 2018
Is the heat getting too much for you? I think it's just that people are starting to see through your antics, and that you are a hard-core Intel fanboi, whether you will admit it or not.
*Every* article that is pro-Intel, you are there in the first few threads. And if an article is anti-Intel (at least by your standards), you're there inserting stuff about AMD, even when the article doesn't mention anything about AMD. It's almost as if you have an inferiority complex and have to constantly defend Intel and your insecurities about it.
You've said in other posts that you're glad that this Meltdown/Spectre thing is finally past, so we can stop talking about it. What you really mean is that you want it to be over, so (poor) Intel can stop being blasted about Meltdown, which doesn't affect AMD (that must be KILLING YOU to admit that).
In another post, you say that you wouldn't buy AMD CPUs because of how users attack people. Seriously, who in their right mind bases purchasing decisions on how a certain part of the userbase acts? This is the height of foolishness.
In other posts, you are constantly defending that Intel is late with 10nm, while downplaying 7nm from other manufacturers. And you actually believe what you're saying.
Look, you are by far the biggest pro-Intel fanboi I have ever encountered. It's getting to the point that you don't even have to open your mouth or post a message. We can just look at the title of an article and know that (a) you will be there, and (b) you will be rigorously supporting Intel and bashing everything else. And TBH it's getting tiring.
I suppose I will now be labelled as an AMD supporter and 'attacking' you. Never mind the fact that I have both an AMD 1800x *and* Intel 8700K systems. But I'm starting to regret the latter purchase because of Meltdown slowdowns (which are real, whether you admit it or not). But any regret I have for buying Intel is not because of how an Intel fanboi is treating me; it's because of the faulty hardware.
HStewart - Friday, May 4, 2018
The problem is that most people in these computer forums assume that Meltdown / Spectre is Intel only - at least AnandTech - does not list it as Intel CPU - but just CPU. Spectre NG is documented to affect Intel, AMD and ARM.
To be honest this Meltdown/Spectre stuff has not even been noticed by me.
On the 10nm vs 7nm - 10nm is not released and I believe that Intel is not going to release it until it is absolutely ready - I am just taking their word. Do you really believe that just because 7nm is smaller than 10nm - it means it is more dense - we need to honestly wait until Intel releases 10nm. I just remember the frequency wars and just because higher number does not mean higher performance. In Pentium 4 days AMD actually beat Intel.
I am not Anti-AMD, I am Anti-Anti-Intel
Basically let's just agree to disagree - by the way I am not 100% anti-AMD, I was extremely impressed with Dell XPS 15 2in1 especially with that in such a small size it can also have a discrete - I was not sure that I could trust AMD GPU - but I give it a try - only thing I notice specifically about it - is that Steam VR test did not detect it - also I notice older games like SIM 3 crash but SIMS 4 works. I also notice that I had to tweak Photoshop CS 5 because of resolution - but that is not related to Vega GPU - but because of 4k screen.
Of course I own Intel and support Intel - simply because they originally created the CPU - I only stated stuff against AMD when they bring that in Intel specific articles. I'll be honest here, I think the majority of people using Intel do not care about the contents of these forums. Am I any different than pro-AMD fans stating just wait for 7nm and next version and such. Just agree to disagree with this stuff and keep the anti other product out of discussion. I just think people attack anybody that supports Intel - it's nothing against this - but why is that these gamers attack Intel people. It appears to be similar but not as bad as with NVidia. And yes I have owned NVidia GPU's - but I am not no stupid miner - and even though I feel my gaming days are starting to end - I still like it for 3d applications and such - but normal activity you really don't need a powerful GPU.