Details of Spectre Next Generation (NG) Vulnerabilities Emerging

Update: 23rd May 2018:
Please refer to the new blog post I have added to document and provide information on these new vulnerabilities.

Thank you.

Original Post:
Separate to my previous in-depth discussion of the Meltdown and Spectre vulnerabilities; I located this news article announcing the discovery of new vulnerabilities affecting Intel CPUs (and possibly ARM CPUs too). Few details are available; apart from that the vulnerabilities also affect Intel’s SGX (Software Guard Extensions)(defined) instructions and can be exploited within a virtual machine (defined) to gain access to the host (physical system).

It is likely further microcode updates from Microsoft and firmware update from Intel will be made available in the coming weeks. It is unknown if these new vulnerabilities dubbed Spectre Next Generation (NG) will be as serious as the original Meltdown and Spectre (Variants 1 and 2) disclosed in January.

On a related note (and discussed in another post); Microsoft resolved a regression in their Windows 10 Meltdown patch that was found by Windows Internals and security researcher Alex Ionescu. The fix was already included in Windows 10 Version 1803 (the April Update) and was provided to Version 1709 this month.

Thank you.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.