Six years after the Specter hardware vulnerability was discovered, a new attack method has been discovered. Despite numerous security updates, the problem remains for users worldwide and affects current processors from Intel and AMD.
Researchers have now found a new method to circumvent the existing protective measures – a similar new attack method was only revealed in April. Current processors from Intel and AMD are affected, which underlines the ongoing explosiveness of this problem.
Specter exploits a vulnerability in speculative execution – a performance optimization technique in modern processors. Calculations are carried out in advance to increase processing speed. Attackers can abuse this feature to access sensitive data such as passwords or encryption keys.
How The Register reports, researchers at ETH Zurich have discovered a new attack method that bypasses existing protection measures against Specter. In their study, Johannes Wikner and Kaveh Razavi were able to show that the so-called “indirect branch predictor barrier (IBPB)” does not work as intended. This barrier was actually intended to prevent previously learned predictions from being passed on for speculative execution.
At Intel, the 12th, 13th and 14th generations of Core processors as well as the 5th and 6th generations of Xeon processors are affected. AMD chips with the Zen 2 architecture also have vulnerabilities. The researchers were able to read the hash of the root password on Intel systems and access arbitrary kernel memory from a non-privileged process on AMD processors.
Intel has already released a microcode update (INTEL-SA-00982) in March 2024 to fix the problem. However, this update may not yet be installed on all affected systems. AMD addressed the issue in its November 2022 security bulletin AMD-SB-1040 and considers it a software bug.
The complexity of the Specter vulnerability makes it difficult to fully resolve. While hardware manufacturers provide microcode updates, operating system developers and hypervisor vendors must also adapt their own protection measures. The researchers are currently working with Linux kernel developers to integrate a software patch for AMD systems.
The continued vulnerability to Specter-like attacks shows how deeply rooted the problem is in the architecture of modern processors – and how difficult the fight against this type of vulnerability remains. It also highlights the need to give greater consideration to security when designing hardware components in order to create more robust systems in the long term.
Alexia is the author at Research Snipers covering all technology news including Google, Apple, Android, Xiaomi, Huawei, Samsung News, and More.
An annoying software error is currently plaguing many owners of the Google Pixel Watch. The…
After the new Google smartphones in the Pixel 11 series, official marketing images of the…
A French consumer protection association is taking Epson to court. The accusation is of planned…
After a months-long exclusion by the Facebook group Meta, the well-known AI chatbot ChatGPT has…
Microsoft is fundamentally redesigning the search in Windows 11. The operating system loses advertising, forced…
Interested users can now install the first public beta version of iOS 27 on their…