New Spectre attack once again sends Intel and AMD scrambling for a fix


Rows of beautifully colored computer components.

Enlarge (credit: Intel)

Since 2018, an almost endless series of attacks broadly known as Spectre has kept Intel and AMD scrambling to develop defenses to mitigate vulnerabilities that allow malware to pluck passwords and other sensitive information directly out of silicon. Now, researchers say they’ve devised a new attack that breaks most—if not all—of those on-chip defenses.

Spectre got its name for its abuse of speculative execution, a feature in virtually all modern CPUs that predicts the future instructions the CPUs might receive and then follows a path that the instructions are likely to follow. By using code that forces a CPU to execute instructions along the wrong path, Spectre can extract confidential data that would have been accessed had the CPU continued down that wrong path. These exploits are known as transient executions.

“Dangerous implications”

Since Spectre was first described in 2018, new variants have surfaced almost every month. In many cases, the new variants have required chipmakers to develop new or augmented defenses to mitigate the attacks.

Read 16 remaining paragraphs | Comments

index?i=mZVJ5SkuWxE:rhTfrtdp96I:V_sGLiPB index?i=mZVJ5SkuWxE:rhTfrtdp96I:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA

Source: https://arstechnica.com/?p=1762393
Proactive Computing found this story and shared it with you.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.