Eight new vulnerabilities are found in Intel's CPU, four of which are evaluated as "high risk"

byNikolay Dik

Since the beginning of 2018, news about the vulnerability "Spectre" and "Meltdown" inherent in Intel CPUsIssues are going on. Although the vulnerability of Meltdown class is a vulnerability specific to Intel CPU, it is pointed out that the vulnerability of Specter class is inherent in all processors such as Intel, AMD and ARM as well as Intel CPU, A new vulnerability of the Specter class was pointed out this time.

Specter-NG: Intel-Prozessoren von neuen hochriskanten Sicherheitslücken betroffen, erste Reaktionen von AMD und Intel | heise Security
https://www.heise.de/security/meldung/Spectre-NG-Intel-Prozessoren-von-neuen-hochriskanten-Sicherheitsluecken-betroffen-4039302.html

8 New Specter - Class Vulnerabilities (Specter - NG) Found in Intel CPUs
https://thehackernews.com/2018/05/intel-spectre-vulnerability.html

German computer magazine "Heise"These vulnerabilities are said to affect even a small number of AMD and ARM processors, and journalists took four of the eight vulnerabilities" high risk ", the remaining four It is rated as "moderate risk".

The newly reported vulnerability is considered the cause of the vulnerability reported so farDesign defect of Intel CPUIt is said to be derived from the same defects. One of the vulnerabilities discovered this time is that "an attacker who has accessed the virtual machine can easily attack the host system", which means that the degree of risk is higher than the vulnerability discovered so far There is a possibility of increasing.

Furthermore, "It is possible to attack virtual machines of other customers operating on the same server, and it may be the target of data transfer passwords and secret keys," the team of security researchers said , Amazon andCloudflareSuch as cloud service providers will be affected.

byJeremy A.A. Knight

Questioning about the newly discovered vulnerability to Intel, "It is a top priority to protect customer data and ensure product security, sharing potential threats and striving to improve the system We will continue "and said that there was no specific mention of vulnerability.

According to leaked information, Intel has already begun to deal with the new vulnerability, and it seems that the first security patch will be released in May and the second security patch will be released in August.