Security News > 2018 > May > New Spectre-like flaw found in CPUs using speculative execution
A new flaw that can allow an attacker to obtain access to sensitive information on affected systems has been discovered in modern CPUs. CVE-2018-3639, discovered by independently by Google Project Zero and Microsoft Security Response Center researchers and dubbed “Variant 4,” is a Speculative Store Bypass (SSB) vulnerability, and is considered to be a new variant of the previously revealed Spectre Variant 1 vulnerability. “Variant 4 is a vulnerability that exploits ‘speculative bypass.’ When exploited, … More → The post New Spectre-like flaw found in CPUs using speculative execution appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/qu8Vm7RefFw/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-05-22 | CVE-2018-3639 | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 5.5 |