Intel unveils a new "Variant 4" vulnerability

Intel, Google and Microsoft today unveiled a new variant of the Spectrum design flaw and the security vulnerability that affects millis of computers and mobile devices from different manufacturers.

Called Variant 4, or Speculative Store Bypass, the vulnerability is similar to Spectrum, taking advantage of the speculative executi mechanism of a CPU to allow hackers to access sensitive information. Variant 4 has been demstrated by researchers in a language-based runtime envirment.

CVE-2018-3639 – Speculative Store Bypass (SSB) – Also Known as Variant 4

Systems with microprocessors using speculative executi and the speculative executi of memory reads before the addresses of all prior writings are known may allow unauthorized disclosure of information to a attacker with local user access via side channel analysis. Intel, the new vulnerability has a "moderate" severity rating because most of the exploits that it uses have already been solved thanks to mitigati measures that have been introduced by software and OEM manufacturers in January for Meltdown and Specter. Intel, however, releases a full mitigati opti that "will prevent this method from being used otherwise."

This additial limitati for variant 4 has been provided in beta form to OEMs and system software vendors, and Intel allows its partners to decide whether or not to implement the additial measures. Intel plans to let the overall attenuati …

We will be happy to hear your thoughts

      Leave a Reply

      AppleiPhonestop - Apple iPhone News and Rumours All Day
      Enable registration in settings - general
      Compare items
      • Laptops (0)