- Feb 4, 2016
One of the biggest security stories of 2018 has been the discovery of the Meltdown and Spectre chip flaws. Known as speculative execution exploits, the flaws make it possible to steal potentially sensitive information and there has been an on-going battle to issue patches wherever possible.
Just as things were starting to die down a little, security researchers have revealed details of no fewer than seven more speculative execution attacks. While some of these attack vectors have already been mitigated against, this is not the case for all of them.
As detailed by Ars Technica, researchers have undertaken a systematic analysis of the techniques involved in the Spectre and Meltdown exploits, and this is how the new variants have been discovered.
One of the newly-discovered exploits uses Intel's Protection Keys for Userspace (PKU), and Peter Bright explains: