Intel reportedly gears up to patch 8 Spectre Next Generation CPU flaws

A report by C’T Magazine claims that eight new security flaws found in modern processors will be disclosed by Intel in the near future. Intel hasn’t directly addressed the vulnerabilities claimed in the report, but has confirmed the reservation of Common Vulnerabilities and Exposures (CVE) numbers, which is part of the investigation and mitigation of possible issues. 

“Protecting our customers’ data and ensuring the security of our products are critical priorities for us,” Intel’s Leslie Culbertson said in a statement on Thursday, May 3. “We routinely work closely with customers, partners, other chipmakers and researchers to understand and mitigate any issues that are identified, and part of this process involves reserving blocks of CVE numbers. We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations. As a best practice, we continue to encourage everyone to keep their systems up to date.” 

According to the report, Meltdown and Spectre weren’t the last of the flaws discovered in modern processor designs. Several research teams have reportedly already disclosed eight new security flaws to Intel, all of which stem from the same design problem. The details regarding these eight flaws are unknown, but they are currently dubbed as Spectre Next Generation. 

Don’t let the Star Trek-like name fool you, each flaw will have its own CVE number just like Meltdown and Spectre. Thus, Intel will be required to provide eight different patches.

The Spectre Next Generation patches will supposedly be provided in two waves: The first in May and the second in August. Intel classifies four as “high risk,” so we should expect to see those mitigations this month, while the “medium” vulnerabilities may be fixed this summer.

The flaws are reportedly similar to the original Spectre exploits, save for one that poses a higher risk than Spectre Variant 1 and Variant 2. It could allow a hacker to launch malicious code in a virtual machine, which is a software emulation of a fully functional PC. They are typically used in corporate environments to reduce hardware costs, and run on high-powered data center servers.

Still, the exploit could allow the hacker to attack the host server through a virtual machine, giving the individual access to all the information stored in the server’s memory. That is a problem when servers are running multiple virtual machines simultaneously. 

“Passwords and secret keys for secure data transmission are highly sought-after targets on cloud systems and are acutely endangered by this gap,” the report states. “Intel’s Software Guard Extensions (SGX), which are designed to protect sensitive data on cloud servers, are also not Spectre-safe.” 

Intel isn’t the only CPU maker facing additional patches. The report says some ARM-based processors are also vulnerable to the Spectre Next Generation flaws, while researchers are currently investigating AMD’s processor family for similar vulnerabilities. 

Emerging Tech

CES 2019 recap: All the trends, products, and gadgets you missed

CES 2019 didn’t just give us a taste of the future, it offered a five-course meal. From 8K and Micro LED televisions to smart toilets, the show delivered with all the amazing gadgetry you could ask for. Here’s a look at all the big…
Smart Home

The best sous vide machines cook your food perfectly, every single time

Want to make four-star meals from the comforts of your own kitchen? Here are the best sous vide machines available right now, whether you prefer simple immersion circulators or something more complex.
Mobile

We tried all the latest and greatest smartphones to find the best of 2019

Smartphones are perhaps the most important and personal piece of tech on the planet. That’s why it’s important to pick the best phone for your individual needs. Here are the best smartphones you can buy.
Home Theater

Here’s why you’re not getting Netflix in HD or 4K, and how to fix it

Are you having trouble watching your favorite movies or TV shows on Netflix in HD or 4K? We explain why loading takes so long, why the picture quality fluctuates, and what you can do about it.
Computing

Microsoft will end support for Windows 7 one year from now

Microsoft is set to end extended support for Windows 7 on January 14, 2020, putting a halt on the free bug fixes, and security patches for most who have the operating system installed. 
Computing

Hackers are scoring with ransomware that attacks its previous victims

Computer viruses are always evolving. In a new one, dubbed "Ryuk," hackers are targeting PCs with ransomware that scours an infected network in order to pinpoint and attack and enterprises with big money.
Computing

An update to Microsoft To-Do will help you keep up with your resolutions

If you're looking to stay productive in 2019, you might want to check out the freshly updated Microsoft To-Do app, now with additional integration with the Windows 10 Start Menu and more.
Computing

Want to save a webpage as a PDF? Just follow these steps

Need to quickly save and share a webpage? The best way is to learn how to save a webpage as a PDF file, as they're fully featured and can handle images and text with ease. Here's how.
Computing

Could the next Microsoft HoloLens be announced at MWC 2019?

After not having a presence at Mobile World Congress for three years, Microsoft is now sending out media invites for a press conference on February 24 during the annual event in Barcelona. Could a next-generation HoloLens be on the way?
Computing

Microsoft to separate Cortana from search with the next version of Windows 10

Changes are on the way for two key features in Windows 10. A separation of Windows 10 search and Cortana will allow Microsoft to more often innovate on each of the features independently.
Computing

Delete tracking cookies from your system by following these quick steps

Cookies are useful when it comes to saving your login credentials and other data, but they can also be used by advertisers to track your browsing habits across multiple sites. Here's how to clear cookies in the major browsers.
Computing

Convert your PDFs into convenient Word documents with Adobe or a free option

PDF files are great, but few document types are as malleable as those specific to Microsoft Word. Here's how to convert a PDF file into a Word document, whether you prefer to use Adobe's software suite or a freemium alternative.
Computing

Nvidia’s next midrange card might be a GTX 1660 Ti, rumors suggest

Nvidia may be working on a non-RTX Turing graphics card called the 1660 Ti. Rumors suggest it will have around 20 percent fewer CUDA cores than the RTX 2060 and will lack ray tracing support.
Deals

From Samsung to HP, here are the best cheap Chromebook deals right now

Whether you want a compact laptop to enjoy some entertainment on the go, or you need a no-nonsense machine for school or work, we've smoked out the best cheap Chromebook deals -- from full-sized laptops to 2-in-1 convertibles -- with most…