Security News > 2018 > May > New Spectre-like flaw found in CPUs using speculative execution

New Spectre-like flaw found in CPUs using speculative execution
2018-05-22 20:13

A new flaw that can allow an attacker to obtain access to sensitive information on affected systems has been discovered in modern CPUs. CVE-2018-3639, discovered by independently by Google Project Zero and Microsoft Security Response Center researchers and dubbed “Variant 4,” is a Speculative Store Bypass (SSB) vulnerability, and is considered to be a new variant of the previously revealed Spectre Variant 1 vulnerability. “Variant 4 is a vulnerability that exploits ‘speculative bypass.’ When exploited, … More → The post New Spectre-like flaw found in CPUs using speculative execution appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/qu8Vm7RefFw/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2018-05-22 CVE-2018-3639 Information Exposure Through Discrepancy vulnerability in multiple products
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4.
5.5