cancel
Showing results for 
Search instead for 
Did you mean: 

General Discussions

Highlighted
Esteemed Contributor III

Researches discover 8 more Spectre class vulnerabilities in ARM, Intel processors. Effect on AMD unknown.

https://www.tomshardware.com/news/spectre-ng-vulnerabilities-intel-arm-amd,37002.html

The online German computer magazine Heise.de is reporting that eight new Spectre-class vulnerabilities have been discovered. The vulnerabilities purportedly affect Intel and ARM processors, but the impact on AMD processors remain unknown.

0 Kudos
17 Replies
Highlighted
Challenger
Challenger

Re: Researches discover 8 more Spectre class vulnerabilities in ARM, Intel processors. Effect on AMD unknown.

Has anybody heard of any proven cases of Spectre or Meltdown being used to compromise a system?  There's lot's of "could be used" or "might be used" but I can't find anything stating it "was used".

I think these two vulnerabilities should have been kept under wraps. But I guess that's the internet.

Highlighted
Esteemed Contributor III

Re: Researches discover 8 more Spectre class vulnerabilities in ARM, Intel processors. Effect on AMD unknown.

There are no known Spectre or Meltdown exploits outside the lab, though going by what was revealed they are much more difficult to exploit than, say, finding a flaw in the OS or software, much like how you can freeze RAM chips to steal information, and it's really not that severe considering these vulnerabilities existed for years without discovery.

Highlighted
Esteemed Contributor III

Re: Researches discover 8 more Spectre class vulnerabilities in ARM, Intel processors. Effect on AMD unknown.

At least it says they wont release the vulnerabilities until it's patched this time.

0 Kudos
Highlighted
Esteemed Contributor III

Re: Researches discover 8 more Spectre class vulnerabilities in ARM, Intel processors. Effect on AMD unknown.

The original Spectre and Meltdown weren't due to be released until patches were, but someone leaked it to the media.

0 Kudos
Highlighted
Challenger
Challenger

Re: Researches discover 8 more Spectre class vulnerabilities in ARM, Intel processors. Effect on AMD unknown.

I'm not patching my i7 3930K\ Win 7 Pro because of the possibility of a performance hit (Intel) or not being able to boot (AMD). There doesn't seem to be any real threat to me. If I owned a corporation I would. But I don't.

0 Kudos
Highlighted
Esteemed Contributor III

Re: Researches discover 8 more Spectre class vulnerabilities in ARM, Intel processors. Effect on AMD unknown.

Easier for you, since Spectre updates are meant to work in conjunction with additional updates in the BIOS, you're on a dead platform so you never have to touch it, whereas us on long term Socket AM4 or new Intel platforms do.

0 Kudos
Highlighted
Challenger
Challenger

Re: Researches discover 8 more Spectre class vulnerabilities in ARM, Intel processors. Effect on AMD unknown.

So it's the mainboard manufacturer that writes the patch code into the bios update?

Edit

Did some checking into it. Yea, it's a bios update. But it looks like a zoo with Microsoft, Intel and the mainboard manufacturers. Nothing I want to get involved with. I'm hitting 80FPS avg. on Ultra @ 1440p in Far Cry 5. No need to upgrade into that mess.

0 Kudos
Highlighted
Esteemed Contributor III

Re: Researches discover 8 more Spectre class vulnerabilities in ARM, Intel processors. Effect on AMD unknown.

The performance impact of the patches outside of professional and server applications is minimal, games benchmark within the margin of error from both companies. Storage takes the biggest hit, which if you run a server farm with hundreds or thousands of disks cranking away running cloud based VMs and the like is bad news, but home users aren't affected. The biggest problem comes in with rushed patches causing bootloops and other garbage from Microsoft.

image002

0 Kudos
Highlighted
Adept I
Adept I

Re: Researches discover 8 more Spectre class vulnerabilities in ARM, Intel processors. Effect on AMD unknown.

Proposed solution to spectre class:

If there is some abuse detected by the CPU (eg attempted out of bounds read) can't a new gen of CPUs flip a flag and store Program Counter (and whatever other useful info) so that the OS can be made aware and take appropriate action to deprivilege the thread (eg. make it run in safe mode, with no L1 and L2 cache access, and no future speculative execution).

0 Kudos