According to a report by C’T magazine, researchers have found several data-leaking Spectre CPU vulnerabilities in Intel chips, which they are calling “Spectre Next Generation” or Spectre-NG.
There are reportedly eight new CVE-listed vulnerabilities, which Intel has not confirmed for now. The company, however, has confirmed the reservation of Common Vulnerabilities and Exposures (CVE) numbers, which is part of the investigation and mitigation of possible issues.
« So far we only have concrete information on Intel’s processors and their plans for patches. However, there is initial evidence that at least some ARM CPUs are also vulnerable, » the report read.
According to the report, further research is also underway on whether the “closely related AMD processor architecture is also susceptible to the individual Spectre-NG gaps,” and to what extent.
The report also says that Intel is already working on its own patches for Spectre-NG and others in cooperation with the operating system manufacturers.
The company is reportedly planning on two waves of patches: first in May and another in August.
“We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations. As a best practice, we continue to encourage everyone to keep their systems up-to-date,” Leslie Culbertson, Executive Vice President and General Manager of Product Assurance and Security at Intel Corporation, said in a statement on Thursday, addressing questions regarding security issue.
To read the original article: