Spectre vulnerability still exploitable despite security update
Six years after the Spectre hardware vulnerability was discovered, a new attack method has been found. Despite numerous security updates, the problem remains for users worldwide and affects current processors from Intel and AMD.
Spectre: The ghost of the past continues to haunt
Researchers have now found a new way to circumvent the existing protective measures; a similar attack method was revealed as recently as April. Current processors from Intel and AMD are affected, which underlines how pressing the problem remains.
Spectre exploits a weakness in speculative execution, a performance optimization in modern processors in which calculations are carried out in advance to increase processing speed. Attackers can abuse this feature to access sensitive data such as passwords or encryption keys.
As The Register reports, researchers at ETH Zurich have discovered a new attack method that bypasses existing protection measures against Spectre. In their study, Johannes Wikner and Kaveh Razavi showed that the so-called "indirect branch predictor barrier" (IBPB) does not work as intended. This barrier is meant to prevent previously learned predictions from being carried over into later speculative execution.
Who is affected?
On the Intel side, the 12th, 13th and 14th generations of Core processors as well as the 5th and 6th generations of Xeon processors are affected. AMD chips with the Zen 2 architecture are also vulnerable. The researchers were able to read the hash of the root password on Intel systems and access arbitrary kernel memory from a non-privileged process on AMD processors.
Intel already released a microcode update (INTEL-SA-00982) in March 2024 to fix the problem. However, this update may not yet be installed on all affected systems. AMD addressed the issue in its November 2022 security bulletin AMD-SB-1040 and considers it a software bug.
Remediation challenges
The complexity of the Spectre vulnerability makes it difficult to resolve fully. While hardware manufacturers provide microcode updates, operating system developers and hypervisor vendors must also adapt their own protection measures. The researchers are currently working with Linux kernel developers to integrate a software patch for AMD systems.
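To see what a Linux host reports on both counts (the kernel's own mitigation and the installed microcode), the following added example, which is not from the original article or the researchers, parses the kernel's spectre_v2 status line and the microcode revision from /proc/cpuinfo. The sample inputs are constructed, the status-string layout ("IBPB: conditional" and so on) is assumed from recent Linux kernels, and the advisory IDs are the ones named in the article.

```python
from pathlib import Path

# Constructed sample inputs (not captured from a real host) so the parser runs offline.
SAMPLE_SPECTRE_V2 = "Mitigation: Retpolines; IBPB: conditional; STIBP: disabled; RSB filling"
SAMPLE_CPUINFO = ("processor\t: 0\nvendor_id\t: GenuineIntel\ncpu family\t: 6\n"
                  "model\t\t: 151\nmodel name\t: Example CPU (constructed)\n"
                  "microcode\t: 0x2c\n\nprocessor\t: 1\nvendor_id\t: GenuineIntel\n")
# Advisory named in the article for each vendor string found in /proc/cpuinfo.
ADVISORY = {"GenuineIntel": "INTEL-SA-00982", "AuthenticAMD": "AMD-SB-1040"}

def parse_spectre_v2(line):
    """Split the kernel status line into headline state, mode and per-feature values."""
    head, *rest = [part.strip() for part in line.strip().split(";")]
    state, _, mode = head.partition(":")
    features = {}
    for part in filter(None, rest):
        key, sep, val = part.partition(":")
        # Entries without a value (e.g. "RSB filling") are simply present.
        features[key.strip()] = val.strip() if sep else "enabled"
    return {"state": state.strip(), "mode": mode.strip(), "features": features}

def parse_cpuinfo(text):
    """Return vendor, family, model and microcode revision of the first logical CPU."""
    wanted = {"vendor_id": "vendor", "cpu family": "family",
              "model": "model", "microcode": "microcode"}
    info = {}
    for raw in text.splitlines():
        if not raw.strip():
            if info:
                break  # a blank line ends the first processor block
            continue
        key, _, val = raw.partition(":")
        name = wanted.get(key.strip())
        if name and name not in info:
            info[name] = val.strip()
    return info

def ibpb_report(spectre_v2_line, cpuinfo_text):
    """Combine both sources into one record suitable for a fleet inventory."""
    status, cpu = parse_spectre_v2(spectre_v2_line), parse_cpuinfo(cpuinfo_text)
    ibpb = status["features"].get("IBPB", "not reported")
    return {**cpu, "spectre_v2_state": status["state"], "ibpb_mode": ibpb,
            "ibpb_active": ibpb in ("conditional", "always-on"),
            "vendor_advisory": ADVISORY.get(cpu.get("vendor"), "unknown")}

if __name__ == "__main__":
    v2 = Path("/sys/devices/system/cpu/vulnerabilities/spectre_v2")
    ci = Path("/proc/cpuinfo")
    live = v2.exists() and ci.exists()  # fall back to the samples elsewhere
    print(ibpb_report(v2.read_text() if live else SAMPLE_SPECTRE_V2,
                      ci.read_text() if live else SAMPLE_CPUINFO))
```

An active IBPB mode only shows that the kernel issues the barrier; whether the barrier behaves as intended depends on the microcode revision, which has to be compared against the vendor advisory.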
The continued vulnerability to Spectre-like attacks shows how deeply rooted the problem is in the architecture of modern processors, and how difficult the fight against this type of vulnerability remains. It also highlights the need to give greater consideration to security when designing hardware components in order to create more robust systems in the long term.
Alexia is an author at Research Snipers covering all technology news, including Google, Apple, Android, Xiaomi, Huawei, Samsung news, and more.