Remember the Meltdown and Spectre fixes that Intel is baking into its processors to make them bulletproof to these vulnerabilities at a silicon level, and which are expected to be incorporated into new CPUs that ship later this year? Well, it’s allegedly the case that those countermeasures won’t defend these chips against a new freshly-discovered Spectre flaw.
Earlier this week came the official revelation that there is a fresh strain of Spectre – Variant 4, known as Speculative Store Bypass – which leverages similar vulnerabilities to the existing variants, although Intel noted it uses a different method to crack into the sensitive data held in your computer’s memory.
And, according to sources who spoke to Threatpost, the aforementioned safeguards which Intel is implementing may protect against Spectre Variants 2 and 3, but not this fourth incarnation.
There may also be further spins along these sort of speculative execution side channel vulnerabilities in the future, the sources further noted (which is precisely why Microsoft, for one, recently kicked off a major bug bounty program with big rewards for those who flag up these issues).
At any rate, Intel isn’t leaving processors undefended against Variant 4, of course, even if it does turn out to be the case that the new integrated silicon-level countermeasures aren’t able to protect against V4.
Check out our comprehensive guide on how to protect yourself from Spectre and Meltdown.
As the chip manufacturer said earlier this week, the new bug is ‘medium risk’, and it has “already delivered the microcode update for Variant 4 in beta form to OEM system manufacturers and system software vendors, and we expect it will be released into production BIOS and software updates over the coming weeks.”
The issue with this fix is, unlike baked-in protection, there’s a performance price to pay, just like previous Meltdown and Spectre patches. Intel estimates that to be a slowdown of around 2% to 8% based on SYSmark and other benchmarks, but of course mileage will doubtless vary from system to system.
Interestingly, Intel will be delivering this Variant 4 fix as an optional measure, and it will actually be set to off by default. That means users will need to enable protection if they so wish, or carry on regardless and avoid any performance hit, with the potential risk of being exploited down the line.
- We’ve chosen the best laptops of 2018
Sign up to receive daily breaking news, reviews, opinion, analysis, deals and more from the world of tech.
Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).