News has just started spreading that researchers have sighted another eight Spectre like vulnerabilities in Intel processors, all resemble Spectre, four of them are critical. The new vulnerabilities are grouped and named as Spectre-ng. The newly discovered vulnerabilities would make it really easy to exploit a host from a simple VM.
German c’t / Heise reports and breaks the news today, as the new vulnerabilities have not been made public just yet. There would be ‘no doubt’ that these are real vulnerabilities. While technical details are missing, the attack scenarios resemble close to what the Spectre vulnerabilities are.
Currently, most at risk are shared hosting providers, once you have access to your rented server-container, you could exploit the processor to retrieve secure data. All eight vulnerabilities share the same design problem that the “Meltdown and Spectre” vulnerabilities detailed as well – they are, so to speak, Spectre Next Generation ergo Spectre NG. c’t mentions they have concrete information about Intel’s processors and their patch plans. However, there are some indications that other processors are affected as well, at least some ARM CPUs are also vulnerable to some extent. Further research into whether and to what extent the AMD processor architecture is vulnerable at (if at all), is not yet known.
Intel is reportedly actively and nervously working on Spectre NG patches behind the scenes; other patches are developed in collaboration with the operating system manufacturers (Microsoft / Linux etc). When exactly the first Spectre NG patches and firmware updates will become available is not yet clear. According to information, Intel is planning at least two patch waves: a first one should start in May; a second is currently scheduled for August. For at least one of the Specter NG patches is already a specific date as it was Google’s Project Zero that has found one of the vulnerabilities, on May 7 – the day before the Windows Patchday – the 90-day warning period expires. So it’s likely that when the first patch would be released for Microsoft Windows. Microsoft is preparing CPU patches: they appear to be in the form of optional Windows updates, and not so much microcode updated (firmware). The PC motherboard and server manufacturers probably need too long for BIOS updates.
Intel classifies four of the Specter NG vulnerabilities as “high-risk”; which in Intel language is translated as: super dangerous. The danger of the other four is rated as medium. According to c’t/Heise, Specter-NG risks and attack scenarios are similar to those of Specter – with one exception. C’t calls the Intel vulnerabilities and their procs a Swiss Cheese due to the many security holes.
Post your thoughts below in the comment section.