New Spectre Vulnerability in Intel Processors on Windows

Just over a year and a half after the disclosure of the Meltdown and Spectre vulnerabilities, which enabled novel side-channel attacks on a variety of processors from Intel and other vendors, new, related approaches have been discovered once again. The cleanup after the first discoveries is still under way. The research laboratory of the Romanian anti-virus manufacturer Bitdefender says it spent a year researching the vulnerability and working with Intel and Microsoft to address it; the vulnerability will be unveiled on Wednesday at the Black Hat USA 2019 security conference in Las Vegas. The vulnerability, which has not yet been given its own memorable name, combines speculative execution with the use of a specific instruction from the Windows operating system within a so-called gadget, a code snippet. This can be used to read otherwise inaccessible memory locations (leak gadgets) or to send this information over the network (transmit gadgets).

The new attack bypasses all known protections that were implemented after Spectre and Meltdown in the spring of 2018. It affects all modern Intel CPUs (Ivy Bridge or newer), but so far works only on Windows operating systems. Microsoft has already created the necessary patches. Spectre-like vulnerabilities that make information from protected areas readable or manipulable through speculative execution and various types of side channels have been discovered regularly since 2018, most recently in May this year. Some, like the current one, are easier to patch; others are harder.