Just a brief note: Researchers discover an new Spectre-like CPU attack, called SplitSpectre. And Microsoft has published an article about Windows Retpoline Spectre Mitigation.
Advertising
SplitSpectre CPU attack
Three academics from Northeastern University and three researchers from IBM Research have discovered a new variation of the Spectre CPU vulnerability that can be exploited via browser-based code.
NEW: Researchers discover SplitSpectre, a new Spectre-like CPU attackhttps://t.co/n3vKIr4vMc pic.twitter.com/mtgy11AFoH
— Catalin Cimpanu (@campuscodi) 4. Dezember 2018
Catalin Cimpanu has more details within this ZDNet.com article (thx @phantomofmobile for the hint).
Mitigating Spectre variant 2 with Retpoline on Windows
In January 2018, Microsoft released an advisory and security updates. This was related to a newly discovered class of hardware vulnerabilities involving speculative execution side channels (known as Spectre and Meltdown). That vulnerabilities affect AMD, ARM, and Intel CPUs to varying degrees.
Patches to mitigate these vulnerabilities has been a negative performance influence on the machines. With the retpoline technology developed by Google, it's possible to mitigate spectre like vulnerabilities without reducing performance on a machine. Microsoft has begun to use retpoline in newer Windows builds. The article Mitigating Spectre variant 2 with Retpoline on Windows sheds more life into that topic.
Advertising
