With the entire Spectre episode and the recent delays with the launch of 10nm chips, it appears that there is no end in sight for Intel’s plight. Now it is being reported by a German magazine Heise.de that the Spectre drama may start to heat up things once again.
About The New Spectre
According to the magazine, like the previous vulnerabilities, the so-called Spectre-NG (Next Generation) also leaves loopholes for attackers to exploit in the processor’s speculative execution engine.
The exact details are not being provided for the fear of an all-out attack on consumer desktops. However, unlike the previous vulnerabilities which were rated at “medium” in terms of the risks they posed, four of the eight Spectre-NG vulnerabilities are termed “high risk”, with the remaining four staying at “medium”.
Intel has rolled out a (customary) press release addressing the issue, but missing out on the details of the fix altogether:
Protecting our customers’ data and ensuring the security of our products are critical priorities for us. We routinely work closely with customers, partners, other chipmakers and researchers to understand and mitigate any issues that are identified, and part of this process involves reserving blocks of CVE numbers. We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations. As a best practice, we continue to encourage everyone to keep their systems up-to-date.
Intel’s credibility will be at an all-time low by this point as it recommends users to update their desktop all the time. With the previous fixes bricking countless machines worldwide (alongside the report that Intel knew about the problem with its fixes) means many people would rather wait before installing.
Ultimately, the main headache could be the lower clock speeds. While the previous fix decreased performance in certain cases by 30% (especially for older processors), it is not known whether a similar calamity will strike this time as well.