Skip to main content

Intel reportedly gears up to patch 8 Spectre Next Generation CPU flaws

A report by C’T Magazine claims that eight new security flaws found in modern processors will be disclosed by Intel in the near future. Intel hasn’t directly addressed the vulnerabilities claimed in the report, but has confirmed the reservation of Common Vulnerabilities and Exposures (CVE) numbers, which is part of the investigation and mitigation of possible issues. 

“Protecting our customers’ data and ensuring the security of our products are critical priorities for us,” Intel’s Leslie Culbertson said in a statement on Thursday, May 3. “We routinely work closely with customers, partners, other chipmakers and researchers to understand and mitigate any issues that are identified, and part of this process involves reserving blocks of CVE numbers. We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations. As a best practice, we continue to encourage everyone to keep their systems up to date.” 

Recommended Videos

According to the report, Meltdown and Spectre weren’t the last of the flaws discovered in modern processor designs. Several research teams have reportedly already disclosed eight new security flaws to Intel, all of which stem from the same design problem. The details regarding these eight flaws are unknown, but they are currently dubbed as Spectre Next Generation. 

Don’t let the Star Trek-like name fool you, each flaw will have its own CVE number just like Meltdown and Spectre. Thus, Intel will be required to provide eight different patches.

The Spectre Next Generation patches will supposedly be provided in two waves: The first in May and the second in August. Intel classifies four as “high risk,” so we should expect to see those mitigations this month, while the “medium” vulnerabilities may be fixed this summer.

The flaws are reportedly similar to the original Spectre exploits, save for one that poses a higher risk than Spectre Variant 1 and Variant 2. It could allow a hacker to launch malicious code in a virtual machine, which is a software emulation of a fully functional PC. They are typically used in corporate environments to reduce hardware costs, and run on high-powered data center servers.

Still, the exploit could allow the hacker to attack the host server through a virtual machine, giving the individual access to all the information stored in the server’s memory. That is a problem when servers are running multiple virtual machines simultaneously. 

“Passwords and secret keys for secure data transmission are highly sought-after targets on cloud systems and are acutely endangered by this gap,” the report states. “Intel’s Software Guard Extensions (SGX), which are designed to protect sensitive data on cloud servers, are also not Spectre-safe.” 

Intel isn’t the only CPU maker facing additional patches. The report says some ARM-based processors are also vulnerable to the Spectre Next Generation flaws, while researchers are currently investigating AMD’s processor family for similar vulnerabilities. 

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
AMD CPUs should support CUDIMM memory soon, but not this generation
Official product render of the G.Skill Trident Z5 Neo memory for AMD.

AMD processors can't make full use of CUDIMM memory just yet, but it may well do before the end of this socket. In a recent interview with DigitalTrends, AMD's product management lead for gaming and workstations, Sourabh Dhir, told us that there was no reason that AM5 couldn't support CUDIMM, but wouldn't be draw on a timeline of when we might see it.

Considering we expect AM5 to be AMD's flagship CPU socket for the next couple of generations at least, that probably means we don't have long to wait for the added memory speed support.

Read more
Asus’ new RTX 5090 might be the most ridiculous GPU ever, and it costs $10,000
RTX 5090 Dhahab Edition.

It's no news that Nvidia makes some of the best graphics cards, and Asus is one of its most prominent partners. However, this time the company truly took things to the next level by launching an RTX 5090 that just might be the most ridiculous GPU I've ever seen. Prices range from $7,000 to over $10,500, and there's a good reason for that ... kind of.

The unique Asus ROG Astral RTX 5090 "Dhahab Edition" draws inspiration from the Middle East. In the announcement, Asus says that the card blends modern technology and cultural heritage, reflecting the rapid growth of the Middle East."

Read more
MSI’s powerful Steam Deck rival gets a global release and higher price tag
MSI Claw 8 connected to a monitor

The MSI Claw 8 AI+ Polar Tempest model first launched in April before being removed from MSI's website, but has now returned with a dedicated product listing and a July 15 release date for the United States. This powerful handheld leaves the Steam Deck in the dust in most regards, but has been notably hard to purchase due to high demand and a limited initial production run.

The latest run of the Polar Tempest Edition comes with 2TB of storage and is priced at $999, versus the original Sandstorm model with 1TB of storage and an $899 price tag. In addition to a US release, fans have spotted listings in Germany, which suggest Europe will also get another release this summer. The only other difference is the white front panels (hence the Polar moniker).

Read more