“Intel is preparing patches for 8 new Spectre-like vulnerabilities, 4 of which are critical”
Intel is working with OS makers on patches for eight new CPU vulnerabilities that resemble Spectre, reports the German magazine c’t. Of the vulnerabilities, collectively called Spectre-NG, four are ‘critical’. One of them would allow a simple attack on a host from within a VM.
The German magazine reports that it has information about the Spectre-NG vulnerabilities, which are still secret. It says there is ‘no doubt’ that these are genuine vulnerabilities, which have since been assigned their own CVE identifiers. Technical details are missing, but the attack scenarios using the vulnerabilities are said to be the same as with Spectre. An exception is that one of the new variants makes an attack from a VM on a host system or another VM very easy, claims c’t. This poses risks for, among other things, shared hosting and similar setups.
In this way, for example, private keys and other sensitive data could be stolen. This was already possible with the original Spectre vulnerabilities, but because it required certain prior knowledge, such an attack was difficult to perform. It is unclear whether AMD is also affected. A small number of ARM processors are in any case said to suffer from the same vulnerabilities. Intel is developing some patches itself and others in collaboration with operating system makers. The patches are expected to come out in two ‘waves’: one in May and the other in August.
One of the vulnerabilities was again found by Google’s Project Zero security team, which was also involved in the discovery of the earlier variants. Project Zero’s deadline for a patch and subsequent publication is May 7, according to c’t. The team is usually quite strict about its 90-day deadlines. Microsoft is also said to be preparing to release patches.
The details of the original Spectre vulnerabilities, of which there are two variants, came out early this year, after Intel had been aware of them for some time. These CPU vulnerabilities, of which Meltdown almost exclusively affects Intel CPUs, make it possible to retrieve sensitive information from a vulnerable system. Since then, a complex patching process has been under way, with patches released in the form of operating system updates and microcode. Intel is still working on patches.