New Spectre NG vulnerabilities in Intel CPUs

[German]In Intel CPUs eight new, from Intel as highly risky classified, vulnerabilities, called Spectre Next Generation (till Intel releases details) has been discovered. There are no patches available yet.


Advertising

We've learned that vulnerabilities called Meltdown and Spectre affects Intel CPUs, and the processor vendor just has released microcode updates for a couple of CPUs (see my blog post Intel Spectre/Meltdown Microcode Updates (March 11, 2018)).

Microsoft's security went completely to hell with the patches. There were patches against Meltdown and Spectre, as well as microcode updates for various Windows versions (see Windows 10: Microcode updates KB4090007, KB4091663, KB4091664, KB4091666, KB4078407). But in the recently released Windows 10 April Update (version 1803) the microcode updates against Spectre V2 have been dropped, old updates cannot be installed.

But there is more harm. The Microsoft updates against Meltdown tore a security hole in Windows called Total Meltdown. I had reported about the gap in Windows 7/Server 2008 R2 in the blog posts Windows 7/Server 2008 R2: Total Meltdown exploit went public for instance.

The night I learned, that something like Total Meltdown also exists in Windows 10 (see Windows 10 Meltdown Patch Bypass and hcsshim flaw). Only in Windows 10 version 1803 has been patched, Microsoft is still working on updates for older Windows 10 versions.

New Spectre-NG vulnerabilities in Intel CPUs

This night I received an e-mail from German computer magazine heise.de. They received secret details about further Spectre vulnerabilities in Intel CPUs. In this article (in German) heise.de writes that the previous processor attack scenarios Spectre and Meltdown are only the tip of the iceberg. There are at least eight other vulnerabilities in Intel CPUs that have been christened Spectre Next Generation (until Intel releases details).


Advertising

Intel, however, keeps the information on the Spectre Next Generation vulnerabilities secret. This is proven by information exclusively available to the computer magazine c't. According to heise.de, Intel has classified four of these vulnerabilities as high-risk, the danger of the other four is rated "medium". The heise.de editors write that the attack scenarios are to be classified similarly as with Spectre in January.

"However, one of the new gaps simplifies attacks beyond system boundaries to such an extent that we rate the threat potential significantly higher than with Spectre. Cloud service providers such as Amazon or Cloudfare and of course their customers are particularly affected," explains c't editor Jürgen Schmidt. "Passwords for secure data transmission are highly sought-after targets and acutely endangered by these new gaps."

When the first patches, i.e. updates for the new Spectre flaws, called Spectre-NG, will be released is not yet clear according to heise.de. "Apparently Intel is planning two patch waves," says Jürgen Schmidt, security expert at computer magazine c't. "A first one is scheduled to arrive in May; a second one is planned for August." heise.de says the risk, that private systems or business systems are attacked, are low, due to the fact, that there are other exploits available, that are more easy to deploy.

Similar articles:
Windows 10: Microcode updates KB4090007, KB4091663, KB4091664, KB4091666, KB4078407
Intel: No Microcode Updates for some older CPUs
Windows 10 Meltdown Patch Bypass and hcsshim flaw
Windows 10 Spectre V2 Update for AMD-CPUs
Meltdown/Spectre Test Tools Overview
Intel Spectre/Meltdown Microcode Updates (March 11, 2018)
Windows 7/Server 2008 R2: Total Meltdown exploit went public
Windows 7 Jan./Feb. 2018 patches opens Total Meltdown vulnerability


Advertising

This entry was posted in Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).