Researchers discover a new 'Spoiler' flaw in Intel CPU’s

By Digit NewsDesk | Updated Mar 06 2019
Researchers discover a new 'Spoiler' flaw in Intel CPU’s
HIGHLIGHTS

The flaw is similar to Spectre and affects Intel CPUs all the way back to the first generation of Core CPUs.

Go from OpenAPI-to-GraphQL in 2 minutes

Create GraphQL interfaces in minutes and build mobile or client apps quicker. Leverage free, open source IBM Code Patterns.

Click here to know more

Highlights

  • Security researchers have discovered a new vulnerability in Intel Chips.
  • The vulnerability is called Spoiler.
  • Intel was made aware of Spoiler in December.

Security researchers at Worcester Polytechnic Institute and the University of Lübeck have published a paper outlining a vulnerability on Intel processors. The vulnerability only affects Intel chips and not AMD or ARM chips. The vulnerability affects Intel chips all the way back to the first generation of Core CPUs. According to the researchers, the potential attack vector is similar to Spectre, but not subject to the same mitigations. Just to be clear, Spectre and Spoiler are 2 different attacks. 

The vulnerability affects “Speculative execution”. According to Wikipedia, Speculative execution “is an optimization technique where a computer system performs some task that may not be needed. Work is done before it is known whether it is actually needed, so as to prevent a delay that would have to be incurred by doing the work after it is known that it is needed. If it turns out the work was not needed after all, most changes made by the work are reverted and the results are ignored. The objective is to provide more concurrency if extra resources are available. This approach is employed in a variety of areas, including branch prediction in pipelined processors, value prediction for exploiting value locality, prefetching memory and files, and optimistic concurrency control in database systems.”

The researchers say that how a PC’s memory works could be exploited by Spoiler. This could expose data from running programs. According the the researchers the only way to completely protect a system from Spoiler is by redesigning the silicon. This could be at the expense of overall performance. The researchers said, "There is no software mitigation that can completely erase this problem." 

Intel was made aware of Spoiler in December. Intel told PC gamer, "Intel received notice of this research, and we expect that software can be protected against such issues by employing side channel safe software development practices. This includes avoiding control flows that are dependent on the data of interest. We likewise expect that DRAM modules mitigated against Rowhammer style attacks remain protected. Protecting our customers and their data continues to be a critical priority for us and we appreciate the efforts of the security community for their ongoing research." 

Read More:

Intel makes Thunderbolt 3 royalty-free, will be the foundation for upcoming USB4 standard

Acer deemed as 2018's top PC gaming laptop brand in terms of units shipments by IDC

AMD Radeon VII graphics card launched at Rs 54,990

Videos

Dell XPS 15 Intel Core i7 Laptop in depth Review | Digit.in
logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.