Spectre 2 looms large with 8 potential security flaws

Today there are some disturbing news on the security front, with the revelation that eight new faults have been discovered from the Specter class, and Intel has issued a statement on the matter.

These new errors have been reported by the German technology site Heise.de, and have named them Specter-NG or & # 39; Next Generation & # 39 ;, claiming that Intel processors are vulnerable, and that AMD chips They can also be affected.

Four of the defects are labeled as "high risk issues", and all of them have been assigned their own CVE numbers (reference number of common exposures and vulnerabilities). Heise believes that a particular vulnerability represents a significant danger, since it can be exploited through the limits of virtual machines (allowing attacks on the host system through the virtual machine).

As mentioned, Intel reacted by publishing an article "

Critical Priorities

Intel's Leslie Culbertson, executive vice president and general manager of Product Assurance and Security, writes:" Protect our customer's data and ensure the The safety of our products is essential. "priorities for us We work closely with customers, partners, other chip manufacturers and researchers to understand and mitigate any problems identified, and part of this process involves reserving blocks of CVE numbers. [19659002] "We firmly believe in the value of coordinated disclosure and we will share additional details about any possible problems as we complete the mitigations. As a best practice, we continue to encourage everyone to keep their systems updated. "

In other words, Intel seems to be recognizing the problem, and letting us know that a coordinated disclosure about the issues, and the relevant corrections, is imminent.Again, it seems that the details of the errors have leaked before Intel tried to reveal them, as it happened with the original vulnerabilities of Specter and Meltdown earlier this year.

We will only know with certainty when Intel confirms the existence of these osgos, of course.

For now, however, it seems to be the case that more evil of the spectrum is about to cast a shadowy shadow on the computer world …

Via [19659012] ZDNet

Leave a Reply