The Next Instalment In The Series No One Wanted In The First Place
The only good news is for people who grabbed a relatively new AMD processor as the new Spectre vulnerability only effects Zen 1, Zen 1+, and Zen 2. Intel owners, on the other hand, including Xeon owners are vulnerable to this new speculative execution attack that can avoid all current Spectre mitigations. The two companies revealed that they were aware of this vulnerability before being contacted by the researchers who discovered it independently. Interestingly AMD’s response indicated that Zen 3 could also be vulnerable, and referred to it as a software flaw as opposed to a hardware flaw; regardless a patch for older Zen processors is not forthcoming. Not exactly the best response, but at least newer processors are immune and we can hope continued pressure will convince AMD to change it’s mind.
Intel has been pushing a microcode patch, however some OSes such as Ubuntu have yet to receive the patch. It seems that so far no attacks have been detected using this new Spectre variant and as usually it is not the easiest flaw to exploit but it is still a concern. Learn how Spectre is continuing to be exploited at Bleeping Computer.