New Intel Spectre Vulnerabilities discovered, Patches delayed
It appears that we haven’t finished with all the Spectre Vulnerabilities, and is far from over. Recently, new flaws have been found, for which have raised concerns among the PC users. Namely, a former Intel Security Head has discovered some of them, which correspondingly attach to the Spectre class.
The German magazine Heise has discovered that eight new vulnerabilities have been found in Intel Processors, and we’re about to receive new patches dealing with these new flaws. After the first security patches were released, it appears that we have more coming.
According to Yuriy Bulygin, new execution attacks have been found, which allows an unauthorized user to read memory contents, despite the System Managed Mode protection. SMM or System Managed Mode has a job to suspend the operating system whenever new interrupts appear, allowing it to handle all the power management and hardware control. This very critical role holds the guilt and has been designed in the early 90s.
Now, when it comes to Intel CPUs, the access to the SMM is prevented by range registers known as System Management Range Register (SMRR). Therefore, these new Intel Spectre flaws elevate the bound checks and allow a bypass of the SMRR protection, which in terms provides access to the SMM and further digging by reading the stored memory contents.
Will there be new patches by Intel and Microsoft and finally an end to Spectre and Meltdown? Most likely, and we may encounter yet another performance hitch when it comes to gaming.