Spectre, a chip vulnerability first discovered in 2018 that came to involve more vulnerabilities that year, is back, as researchers have discovered new variants that affect all modern processors.

Detailed this past week by researchers from the University of Virginia and the University of California at San Diego, the three new Spectre vulnerabilities were found in the micro-op cache, a feature found in modern central processing units. The feature is designed to improve the performance of a process by storing low-level instructions that can be fetched in the speculative execution process to predict which functions will be executed. Essentially it improves the performance of a process.

Micro-op cache has been present in Advanced Micro Devices Inc. processors since 2017 and Intel Corp. processors since 2011 and hence the new Spectre vulnerabilities affect chips from both. The new Spectre vulnerabilities allow an attacker to subvert the speculative execution process via the micro-op cache giving access to sensitive data while instructions are being executed.

The first vulnerability allows for a same thread-cross domain attack that exposes information across the same domain. The second allows for a cross-SMT thread attack that can obtain information across threads running on the same physical core. And the third allows for a transient execution attack that can gain access to data through a “misspeculated” path.

“Due to the relatively small size of the micro-op cache, an attack is significantly faster than existing Spectre variants that rely on priming and probing several cache sets to transmit secret information,” the researchers said. The new Spectre attacks are also described as “considerably more stealthy, as it uses the micro-op cache as its sole disclosure primitive, introducing fewer data/instruction cache accesses, let alone misses.”

“Billions of computers and other devices across the globe are just as vulnerable today as they were when Spectre was first announced,” the researchers added.

The original Spectre vulnerabilities were in part fixed at the time, with Microsoft Corp. providing some protection and Intel redesigning next-generation chips. That said, they were never fully protected against: Intel said at the time that it had no intent to provide protection for older chips.

The problem with both the original Spectre and these new Spectre vulnerabilities is that they’re built into the hardware. One method could be disabling micro-op cache or halting speculative execution, but as the researchers noted, this fix would “effectively roll back critical performance innovations in most modern Intel and AMD processors, and this just isn’t feasible.”

Image: Wikimedia Commons