Spectre is one of the major modern CPU bugs identified at the end of 2017. Along with Meltdown, it turned the world of security upside down. Even after such a long time, the ghost of Spectre is still haunting us. Recently, security researchers from Google and Microsoft disclosed a new variant of Spectre, codenamed Spectre variant 4.
The new flaw
Interestingly, news of this possible security flaw had previously appeared in a German magazine. However, the official statement and description came out only very recently.
This new variant of Spectre affects processors from Intel, AMD, ARM and IBM. Companies such as Intel, Microsoft, Ubuntu, Red Hat, IBM, ARM and AMD have already published security advisories explaining how the bug works, along with the available mitigation advice.
SpectreNG
This new variant of Spectre has also earned a name of its own: SpectreNG. Researchers at Microsoft and Google identified the vulnerability independently. The two discoveries are very similar, which is why they are classified as Spectre variant 3a and variant 4. Variant 3a is tracked as CVE-2018-3640 and variant 4 as CVE-2018-3639.
Variant 3a is a form of the Meltdown flaw, whereas variant 4 is a completely new attack from the Spectre family. As you may have already guessed, both are caused by speculative execution, the technique that gives modern CPUs much of their processing speed.
To understand how both vulnerabilities work, take a look at this video that Red Hat published on YouTube.
According to Microsoft’s advisory, an attacker who successfully exploits the vulnerability may be able to read privileged data across trust boundaries. Such a condition can break the isolation of sandboxed environments.
On Google’s side, Jann Horn, the researcher behind the discovery of the Meltdown and Spectre flaws, has also published proof-of-concept code for the vulnerability. Unfortunately, remote JavaScript code can successfully exploit Spectre variant 4. According to Microsoft, no attempt to exploit the vulnerability has been recorded.
Additional patches
Intel’s general manager of Product Assurance and Security, Leslie Culbertson, said that the original patches for Meltdown and Spectre should be enough to mitigate variant 4.
However, Intel has already released a new patch for Spectre variant 4. It is in beta and has been sent to OEMs.
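One way to check whether a Linux host has the variant 4 (CVE-2018-3639) mitigation active, as an added example that is not from the original article or from any vendor advisory. It assumes a kernel carrying the variant 4 patches, which exposes the `spec_store_bypass` status file and the per-process `Speculation_Store_Bypass` field; the function names and sample strings are constructed for illustration.

```python
from pathlib import Path

# Linux interfaces exposed by kernels carrying the variant 4 patches;
# they are an assumption of this example, not something the article names.
SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/spec_store_bypass")
PROC_STATUS = Path("/proc/self/status")

# Constructed sample input, used when the live files are missing.
SAMPLE_SYSFS = "Mitigation: Speculative Store Bypass disabled via prctl\n"
SAMPLE_STATUS = "Name:\tdemo\nSpeculation_Store_Bypass:\tthread vulnerable\n"


def parse_sysfs(text):
    """Map the sysfs status line to (state, opt_in_only)."""
    line = text.strip()
    if line == "Not affected":
        return "not_affected", False
    if line.startswith("Mitigation:"):
        # "via prctl" means the mitigation is per thread and opt-in.
        return "mitigated", "prctl" in line
    if line.startswith("Vulnerable"):
        return "vulnerable", False
    return "unknown", False


def parse_proc_status(text):
    """Return the Speculation_Store_Bypass field of /proc/<pid>/status."""
    for row in text.splitlines():
        key, _, value = row.partition(":")
        if key == "Speculation_Store_Bypass":
            return value.strip()
    return None  # field absent on kernels without the variant 4 patches


def assess(sysfs_text, status_text):
    """Combine the system-wide and per-process state into one verdict."""
    state, opt_in_only = parse_sysfs(sysfs_text)
    if state != "mitigated":
        return state
    if opt_in_only and parse_proc_status(status_text) == "thread vulnerable":
        # The kernel offers the mitigation, but this process has not enabled it.
        return "mitigation_available_not_enabled"
    return "mitigated"


if __name__ == "__main__":
    live = SYSFS.exists()  # fall back to the constructed samples off Linux
    print(assess(SYSFS.read_text() if live else SAMPLE_SYSFS,
                 PROC_STATUS.read_text() if live else SAMPLE_STATUS))
```

A system-wide "Mitigation: ... via prctl" line only means the kernel offers the protection; a process that has not opted in still reports `thread vulnerable`, which is the case the combined verdict surfaces.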