- Joined
- Aug 20, 2006
- Messages
- 13,000
The Spectre saga continued this week after researchers revealed details on two new variations of the vulnerability, dubbed Spectre 1.1 and Spectre 1.2. Again, both take advantage of speculative execution: the former delivers “code that overflows CPU store cache buffers in order to write and run malicious code,” while the latter “can be exploited to write to CPU memory sectors that are normally protected by read-only flags.”
Intel and ARM have publicly acknowledged that some of their CPUs are vulnerable to Spectre 1.1. AMD has not published a statement, but AMD has been historically slow at reviewing security issues. Since all Spectre attacks affected AMD CPUs, it is safe to assume that these new ones also affect AMD's portfolio as well. Researchers didn't release information on CPUs impacted by Spectre 1.2.
Intel and ARM have publicly acknowledged that some of their CPUs are vulnerable to Spectre 1.1. AMD has not published a statement, but AMD has been historically slow at reviewing security issues. Since all Spectre attacks affected AMD CPUs, it is safe to assume that these new ones also affect AMD's portfolio as well. Researchers didn't release information on CPUs impacted by Spectre 1.2.