Skip to main content

New ‘Prime’ Meltdown, Spectre exploits outlined by Nvidia, Princeton University

Just one month after researchers exposed methods to extract sensitive data from a device’s memory through all modern processors, another research paper arrives to illustrate how the processor design flaw can be used in other attacks. The paper, dubbing the new exploits MeltdownPrime and SpectrePrime, derives from three researchers who work at at Princeton University and graphics chip manufacturer Nvidia. 

As reported last month, all processors dating back to at least 2011 have a flaw in the way they’re designed. Part of a processor’s speed comes from its ability to predict where the current list of instructions will go — they have “branch prediction units” that take an educated guess about what command will come next. To make these predictions, processors toss data back and forth from two memory sets: local on-chip memory called cache for fast access, and the PC’s system memory. This data isn’t secured, and that’s where the original Meltdown and Spectre attacks come in. 

The Meltdown approach applies to Intel and Apple processors. A hacker can create a malicious program to access that raw information, which could include usernames, passwords, credit card numbers, and so on. It taps into the privileged information typically only accessible by the root of an operating system, otherwise known as the kernel. 

Get your weekly teardown of the tech behind PC gaming
Check your inbox!

Meanwhile, Spectre applies to Intel, AMD, and all mobile chips based on ARM’s processor design, including Apple. Here hackers can create a program to trick the processor into executing instructions not built into legitimate programs and apps installed on the PC. In other words, your favorite apps and programs could be tricked into coughing up your sensitive data. 

Both methods are merely proof-of-concepts reported by Google Project Zero, and researchers from Cerberus Technology and various universities. Both are called side-channel attacks as they don’t target specific software, such as Adobe Flash. 

The new MeltdownPrime and SpectrePrime exploits rely on an attack called Prime+Probe that takes advantage of processor “cache invalidations,” which is a method of replacing or removing entries in the CPU’s cache. Whereas Meltdown and Spectre simply “pollute” this cache during the CPU’s path prediction (aka speculative execution), the new exploits take a different approach. 

“MeltdownPrime and SpectrePrime are caused by write requests being sent out speculatively in a system that uses an invalidation-based coherence protocol,” the paper states. A coherence protocol means that the PC is keeping all data stored in cache and memory consistent. But that protocol may “invalidate cache lines in sharer cores as a result of a speculative write access request even if the operation is eventually squashed.” 

The researchers validated their findings using a MacBook packing an Intel Core i7 processor, and MacOS Sierra v10.12.6. They ran the exploit 100 times on the machine, with a 99.95-percent success rate for SpectrePrime versus the 97.9-percent rate seen with the vanilla Spectre exploit. 

“We believe that any software techniques that mitigate Meltdown and Spectre will also be sufficient to mitigate MeltdownPrime and SpectrePrime. On the other hand, we believe that microarchitectural mitigation of our Prime variants will require new considerations,” the paper states. 

Editors' Recommendations

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Save $400 on this Dell PC with an RTX 4070, 32GB of RAM, 1TB SSD
The Dell XPS desktop on a table.

If you're willing to spend on desktop computer deals for a machine that will offer flagship performance for all of your needs, it's highly recommended that you go with the Dell XPS Desktop 8960. This certain configuration that's on sale from Dell will let you enjoy savings of $400 on its original price of $2,250, so you'll have to pay $1,850 -- it's still not cheap, but it's going to be worth every single penny at this discounted price. You're going to have to be quick though -- this is a clearance sale, so there's no telling when the offer expires and when stocks will run out.

Why you should buy the Dell XPS Desktop 8960
The Dell XPS Desktop 8960 isn't just an excellent PC -- it's our top pick among the best desktop computers for its flexibility to accommodate almost any budget and purpose. This particular model of the PC features the 13th-generation Intel Core i9 processor, the Nvidia GeForce RTX 4070 graphics card, and 32GB of RAM, which will make it more than enough to tackle even the most demanding tasks, while also offering high-end gaming potential to play the best PC games for whenever you need to take a break from work.

Read more
Best color laser printers for 2024: tested and reviewed
A Brother printer on a counter in front of a brick wall.

The best color laser printers can be a great investment, saving you quite a bit of time and money. For shoppers worried about the long-term ink costs, you'll find color laser printers surprisingly affordable. Laser printers use toner, which lasts a very long time, delivering a low cost per page for monochrome documents and fast color prints. The best color laser printers offer quick performance and reliability to help keep your home office or small business productive.

If you need to scan documents for record-keeping and photo capture or want the convenience of a color copier, an all-in-one color laser printer is an essential tool for your small business or personal use. For a small added cost, you get expanded capabilities. That's why every model on this list is an all-in-one from the best printer brands.

Read more
The 5 best Wi-Fi adapters for PC in 2024
The Ugreen AC1300 Wi-Fi adapter in a desktop PC.

Whether you're designing it yourself or getting a pre-built PC, it can be easy to get a computer and realize that it doesn't have a native Wi-Fi adapter. Or, maybe it does, but you're internet speeds are getting faster, game downloads are getting bigger, you've already upgraded your router and need an adapter to match your newfound power requirements. No matter the situation, an external Wi-Fi adapter that you can add to your PC setup or even laptop setup will be worth your time. Here, we investigate the best Wi-Fi adapters for PC use. Most are incredibly affordable and just snap into a free USB port and start working.
The best Wi-Fi adapter for PC in 2024

Buy the

Read more