Researchers discover a new 'Spoiler' flaw in Intel CPU’s

By Digit NewsDesk | Updated 6 Mar 2019
Researchers discover a new 'Spoiler' flaw in Intel CPU’s
  • The flaw is similar to Spectre and affects Intel CPUs all the way back to the first generation of Core CPUs.

Highlights

  • Security researchers have discovered a new vulnerability in Intel Chips.
  • The vulnerability is called Spoiler.
  • Intel was made aware of Spoiler in December.

Security researchers at Worcester Polytechnic Institute and the University of Lübeck have published a paper outlining a vulnerability on Intel processors. The vulnerability only affects Intel chips and not AMD or ARM chips. The vulnerability affects Intel chips all the way back to the first generation of Core CPUs. According to the researchers, the potential attack vector is similar to Spectre, but not subject to the same mitigations. Just to be clear, Spectre and Spoiler are 2 different attacks. 

advertisements

The vulnerability affects “Speculative execution”. According to Wikipedia, Speculative execution “is an optimization technique where a computer system performs some task that may not be needed. Work is done before it is known whether it is actually needed, so as to prevent a delay that would have to be incurred by doing the work after it is known that it is needed. If it turns out the work was not needed after all, most changes made by the work are reverted and the results are ignored. The objective is to provide more concurrency if extra resources are available. This approach is employed in a variety of areas, including branch prediction in pipelined processors, value prediction for exploiting value locality, prefetching memory and files, and optimistic concurrency control in database systems.”

The researchers say that how a PC’s memory works could be exploited by Spoiler. This could expose data from running programs. According the the researchers the only way to completely protect a system from Spoiler is by redesigning the silicon. This could be at the expense of overall performance. The researchers said, "There is no software mitigation that can completely erase this problem." 

Intel was made aware of Spoiler in December. Intel told PC gamer, "Intel received notice of this research, and we expect that software can be protected against such issues by employing side channel safe software development practices. This includes avoiding control flows that are dependent on the data of interest. We likewise expect that DRAM modules mitigated against Rowhammer style attacks remain protected. Protecting our customers and their data continues to be a critical priority for us and we appreciate the efforts of the security community for their ongoing research." 

advertisements

Read More:

Intel makes Thunderbolt 3 royalty-free, will be the foundation for upcoming USB4 standard

Acer deemed as 2018's top PC gaming laptop brand in terms of units shipments by IDC

advertisements

AMD Radeon VII graphics card launched at Rs 54,990

advertisements
Digit NewsDesk
The guy who answered the question 'What are you doing?' with 'Nothing'.
advertisements
ASK DIGIT

Recent Questions

Is this a design flaw?
Ashrith Kamath
Jan 14, 2015
Responses 1
Digit Test Labs
Jan 14, 2015
Comments
Be the first one to post the comment
Post a New Comment
You must be signed in to post a comment
advertisements