The flaw is present in all Intel generations after the first generation of Intel Core
According to network security experts, attackers would require a foothold to exploit the vulnerability and to be corrected substantial hardware-level modifications would be required.
It should be mentioned that speculative execution, which allows processors to assume that a condition can be true or false to later maintain or discard results, is what allowed Spectre variants to emerge early in 2018. Network security specialists from various research centers recently presented a document showing a new way of abusing the increase in CPU performance.
Experts found that a weakness of the Intel processors memory subsystem can leak data about memory design, facilitating the deployment of other attack variants, such as the well-known Rowhammer. Experts commented that the ARM and AMD processors were also examined, although no evidence of similar behavior was found.
“Exploiting the Spoiler vulnerability requires only a small set of instructions and is present in all Intel generations after the launch of Core processors, regardless of the operating system, it can even affect machines and sandbox environments,” experts say.
In the research, experts point out that this problem is independent of variants of the Spectre vulnerability, so the existing mitigations for Spectre will not be functional to reduce the risks of exploiting Spoiler.
Intel was notified of the vulnerability at the end of last year. However, because the company has not made any statements about it, the researchers decided to publicly disclose the vulnerability report.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.