New secret-spilling flaw affects almost every Intel chip since 2011

[InfoSec News <alerts () infosecnews org>]

https://techcrunch.com/2019/05/14/zombieload-flaw-intel-processors/

By Zack Whittaker
TechCrunch
May 14, 2019

Security researchers have found a new class of vulnerabilities in Intel chips
which, if exploited, can be used to steal sensitive information directly from
the processor.,

The bugs are reminiscent of Meltdown and Spectre, which exploited a weakness in
speculative execution, an important part of how modern processors work.
Speculative execution helps processors predict to a certain degree what an
application or operating system might need next and in the near-future, making
the app run faster and more efficient. The processor will execute its
predictions if they’re needed, or discard them if they’re not.

Both Meltdown  and Spectre  leaked sensitive data stored briefly in the
processor, including secrets -- such as passwords, secret keys and account
tokens, and private messages.

Now some of the same researchers are back with an entirely new round of
data-leaking bugs.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_