The start of 2018 revealed major new security flaws in computer processors. Dubbed “Meltdown” and “Spectre,” the flaws affected “virtually all” computers, and computing companies immediately responded in their own attempts to mitigate the vulnerabilities. It now appears that may have only been the beginning.
According to German computer magazine c’t, researchers have found eight new vulnerabilities in Intel processors, which the magazine has dubbed “Spectre Next Generation.”
These vulnerabilities have already been reported to the manufacturer by “several” research teams, c’t claims. All eight of the flaws come from the same design problem that caused Meltdown and Spectre.
The magazine also claims that it has verified the authenticity of these new flaws. It declined to publish technical details in the hopes that companies would be able to issue security patches before the vulnerabilities are revealed.
A number of the new vulnerabilities are said to be high-risk. Google Project Zero will reportedly be revealing the flaws publicly on May 7, c’t said.
Intel has actually addressed the recent report, though briefly and vaguely, in a blog post called “Addressing Questions Regarding Additional Security Issues.” The company makes no specific claims about the new findings at all — Intel executive vice president Leslie Culbertson only stresses the importance of keeping systems updated, while noting that the company is always working to protect data.
“We routinely work closely with customers, partners, other chipmakers and researchers to understand and mitigate any issues that are identified,” Culbertson wrote.
We’ve heard very little about Meltdown and Spectre since their first public acknowledgement in January, and while companies have been working to mitigate the flaws, that doesn’t mean the issues have been completely resolved. It’s still too early to know what longterm effects Meltdown, Spectre, and these new “Spectre Next Generation” flaws will have on everyday computer users.