According to a new study, processors with micro-op caching can be vulnerable to certain attacks.
–
The University of Virginia and the University of California are one surprised the world with a recent publication, in which new Specter vulnerabilities are reported. All three new variants focus on the micro-op cache in the processors, from which information can be retrieved in different ways while the instructions are executed. By implication, processors that have micro-op caching are affected, i.e. most post-2011 Intel and post-2017 AMD products, but ARM designs cannot be completely ruled out either.
Hirdetés
–
–
The big question is to what extent the new attack possibilities can be exploited in practice. In theory, this is a threat, and the attack is difficult to detect because it takes place inside the hardware, where the system is already working on more micro-operations with more complex operations, so patches for Specter vulnerabilities can’t do anything. However, the risk is not necessarily high yet, as such a specific attack requires a high level of access to a particular computer, which can be prevented by typical security measures. Nonetheless, researchers exploring the gaps have notified AMD and Intel of the problem.
Intel has already responded, and they claim that following their secure programming guidelines can prevent attacks that focus on micro-op caching, because in addition to installing patches that have already been released, the recommendations provide protection against retrieving information through that component.
The problem is really that the fixes for Specter vulnerabilities work in the late stages of speculative execution, while the forms of attack now uncovered focus on the early stages of processing. Sure, it’s okay as long as there’s some ammunition against them with secure programming, but it can’t be ruled out that an attack vector for a micro-op cache will be born later that already circumvents the current defenses. At this point, the situation becomes interesting because a patch specifically targeting a micro-op cache needs to be deployed, which can result in a fairly large loss of performance.
– .