Skip to main content

New Spectre attack once again sends Intel and AMD scrambling for a fix

posted onMay 4, 2021
by l33tdawg
Arstechnica
Credit: Arstechnica

Since 2018, an almost endless series of attacks broadly known as Spectre has kept Intel and AMD scrambling to develop defenses to mitigate vulnerabilities that allow malware to pluck passwords and other sensitive information directly out of silicon. Now, researchers say they’ve devised a new attack that breaks most—if not all—of those on-chip defenses.

Spectre got its name for its abuse of speculative execution, a feature in virtually all modern CPUs that predicts the future instructions the CPUs might receive and then follows a path that the instructions are likely to follow. By using code that forces a CPU to execute instructions along the wrong path, Spectre can extract confidential data that would have been accessed had the CPU continued down that wrong path. These exploits are known as transient executions.

Since Spectre was first described in 2018, new variants have surfaced almost every month. In many cases, the new variants have required chipmakers to develop new or augmented defenses to mitigate the attacks. A key Intel protection known as LFENCE, for instance, stops more recent instructions from being dispatched to execution before earlier ones. Other hardware- and software-based solutions broadly known as "fencing" build digital fences around secret data to protect against transient execution attacks that would allow unauthorized access.

Source

Tags

Security AMD Intel

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th