If you thought that Intel was putting the flaws of Specter and Meltdown behind that, well, nothing is so simple. According to a report by the German magazine C & # 39; T, Intel plans to address eight new vulnerabilities arising from the same design problem in its CPUs that led to Specter and Meltdown, and has reserved a number of common vulnerability and exposure (CVE) numbers . for them.
On May 3, Intel executive vice president and general manager of product safety and security Leslie Culbertson issued a statement on possible new security issues:
"Protect our customer's data and Ensuring the safety of our products is a critical priority for us, "Culbertson wrote. "We work closely with clients, partners, other chip manufacturers and researchers routinely to understand and mitigate any identified problems, and part of this process involves reserving blocks of CVE numbers."
"We strongly believe in the value of coordinated disclosure and we will share additional details about any possible problems as we complete the mitigations. As a best practice, we continue to encourage everyone to keep their systems up to date. "
While most problems are reportedly at the same risk level as Specter, which can certainly be quite high, there is an interesting nugget : a flaw that would easily allow a malicious hacker to exploit the code in a virtual machine and attack the host system, be it a single PC or, for example, the server of a large corporation, and enter more virtual machines in that way.
Although attacks on other virtual machines or the host system were already possible in principle with Specter, implementation in the real world required so much prior knowledge that it was extremely difficult, "said the English version of the story C & # 39; T. "However, the aforementioned Specter-NG vulnerability can be exploited quite easily for attacks across system boundaries, raising the potential of threat to a new level. "
C & # 39; T refers to the eight vulnerabilities as Specter-NG (Next Generation), but that seems to be a name invented by the magazine." The magazine suggests that each vulnerability could have its own name, and there probably will be eight different patches, one for each problem.
The report indicates that the first wave of patches could go live in May (next Microsoft patch for Windows 10) is on Tuesday, May 8), while the rest will be Prepares for August
The report suggests that some ARM chips may be vulnerable to Specter-NG defects, and that AMD is investigating whether this also affects their processors.Meltdown affected some ARM and AMD chips.
Specter affects almost all CPUs in the last two decades, and if these new reports are correct, we will not shake similar short-term vulnerabilities until there is a complete redesign of the processors.
"It seems that for c a fixed problem, two more arise, "said the article by C & # 39; T. "During the last twenty years, security considerations have only played a secondary role to the performance in the development of processors."
Image credit: BeeBright / Shutterstock
Windows 10 Network and Security
Use Windows 10 parental controls
Find your MAC address
Turn your Windows PC into a Wi-Fi hotspot
Password Protects a folder
Create a guest account in Windows 10
Enable Windows Hello Fingerprint logon
Configure Windows Hello facial recognition
How to restrict the omnipresent listening of Cortana in Windows 10
Automatically lock your PC with dynamic lock
Blacklist of non-Windows store applications
Search saved Wi-Fi passwords
Configure an Internet connection with meter
Use Search for my device
Games Stream XBox One
All the tips of Windows 10
Assign a network drive
Create limited user accounts
Set time limits for children
Pin People in your taskbar
Use the parental controls of Windows 10
Find your MAC address
Turn your Windows PC into a Wi-Fi hotspot
Password Protects a folder
Create a guest account in Windows 10
Enable Windows Hello Fingerprint logon
Configure Windows Hello facial recognition
How to restrict the omnipresent listening of Cortana in Windows 10
Automatically lock your PC with dynamic lock
Blacklist of non-Windows store applications
Search saved Wi-Fi passwords
Configure an Internet connection with meter
Use Search for my device
Games Stream XBox One
All the tips of Windows 10
Assign a network drive
Create limited user accounts
Set time limits for children
Pin People in your taskbar
Windows 10 Networking and Security
More tips
- Use parental controls for Windows 10
- Find your MAC address
- Turn your Windows PC into a Wi-Fi hotspot
- Password Protects a folder
- Create a guest account in Windows 10
- Enable Windows Hello Fingerprint logon
- Configure Windows Hello facial recognition
- How to restrict the omnipresent listening of Cortana in Windows 10
- Automatically lock your PC with Dynamic Lock
- Blacklist of non-Windows store applications
- Search for saved Wi-Fi passwords
- Configure an Internet connection with meter
- Use Search for my device
- Stream Games XBox One
- All Windows 10 tips
- Assign a network drive
- Create limited user accounts
- Set time limits for children
- Pin People in your taskbar
