Earlier this month, cyber-security researchers announced the discovery of two new variants of the well-known Spectre vulnerability. According to experts from Microsoft and Google, the third and the fourth Spectre variants allow potential attackers to gain unauthorized access to unprotected machines using two types of exploits. The third variant lets attackers with local access read system parameters through side-channel analysis, giving them the opportunity to extract sensitive information. The fourth bug exploits speculative bypass and lets unauthorized parties read old memory values from the CPU stack or from other memory locations.
The two new security vulnerabilities have been assigned CVE-2018-3640 and CVE-2018-3639, and researchers unofficially call them Spectre Variant 3a and Spectre Variant 4: the first is identified as Rogue System Register Read, while the second is known as Speculative Store Bypass.
The experts’ report also reveals that an exploit based on the Spectre 4 side-channel vulnerability would be complex to implement, but it could allow attackers to read arbitrary privileged data or execute commands speculatively. That speculative execution can cause certain cache allocations, which could make it possible for the attackers to exfiltrate data using standard side-channel methods.
It looks like almost all Intel processor lines have been affected by the Spectre 3a and the Spectre 4 vulnerabilities. The list officially released by the company includes Intel Core processors from the 2nd through the 8th generation, 45nm and 32nm processors from the Intel Core i3, i5, i7, and M families, Intel Core X-Series processor family for Intel X99 and X299 platforms, as well as the Intel Xeon and Scalable families. In addition to that, various models from the Intel Atom Series have been affected by the latest two Spectre variants as well.
In response to the new discoveries, cyber-security experts advise users and system administrators to install the latest software and hardware updates, which should already contain patches. That is the only way to mitigate any potential threats resulting from the third and the fourth Spectre vulnerability variants. Administrators should also test the patches in their environment before deploying them to make sure they work properly. Otherwise, the patches could interfere with critical applications and services.
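One way to verify after patching that the Variant 4 (CVE-2018-3639) mitigation is actually active. This is an added example, not part of the original article; it assumes a Linux host on an x86 CPU whose kernel reports status through sysfs, and the sample inputs are constructed:

```python
from pathlib import Path

# Linux kernel interfaces (assumption: Linux host; the article names no OS).
SSB_SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/spec_store_bypass")
CPUINFO = Path("/proc/cpuinfo")

# Constructed sample inputs for offline use (not captured from a real host).
SAMPLE_STATUS = "Mitigation: Speculative Store Bypass disabled via prctl and seccomp\n"
SAMPLE_CPUINFO = "processor\t: 0\nflags\t\t: fpu vme sse2 ibrs ibpb stibp ssbd\n"


def classify_ssb(status):
    """Return (verdict, detail) for the kernel's status line; None means file absent."""
    if status is None:
        # File missing: the kernel predates the Variant 4 patches.
        return "action", "kernel does not report spec_store_bypass; update the kernel"
    s = status.strip()
    if s == "Not affected":
        return "ok", s
    if s.startswith("Mitigation:"):
        detail = s.split(":", 1)[1].strip()
        # prctl/seccomp modes protect only processes that opt in, not the whole system.
        return ("partial" if "prctl" in detail else "ok"), detail
    if s.startswith("Vulnerable"):
        return "action", s
    return "unknown", s


def has_ssbd_flag(cpuinfo_text):
    """True if the first 'flags' line lists ssbd (CPU exposes the disable control)."""
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags":
            return "ssbd" in value.split()
    return False


def report(status, cpuinfo_text):
    verdict, detail = classify_ssb(status)
    ssbd = has_ssbd_flag(cpuinfo_text)
    if verdict == "action" and not ssbd:
        detail += "; no ssbd CPU flag, a microcode update may also be needed"
    return {"verdict": verdict, "detail": detail, "ssbd": ssbd}


if __name__ == "__main__":
    if CPUINFO.exists():  # Linux host: read live values
        status = SSB_SYSFS.read_text() if SSB_SYSFS.exists() else None
        print("live host:", report(status, CPUINFO.read_text()))
    else:
        print("constructed sample:", report(SAMPLE_STATUS, SAMPLE_CPUINFO))
```

A `partial` verdict means the mitigation is applied per process on request, so it is worth confirming that the critical services on the host actually opt in.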