Two New Spectre Vulnerabilities Disclosed

Researchers have disclosed two new Spectre vulnerabilities that take advantage of speculative execution, a performance-improving feature found in all modern central processing units (CPUs). The first vulnerability, dubbed Spectre 1.1, uses speculative execution to deliver code that overflows CPU store cache buffers in order to write and run malicious code. Researchers believe there is currently no effective way to generically detect or mitigate this vulnerability. The second vulnerability, Spectre 1.2, can be exploited to allow a threat actor to write to CPU memory sectors that are normally protected as read-only. This renders sandboxing that depends on read-only memory ineffective. To exploit either of these vulnerabilities, the malicious code that runs the attack must be present on the victim’s machine. Some Intel, ARM, and possibly AMD CPUs are vulnerable to Spectre 1.1; information on Spectre 1.2 has not yet been released. The NJCCIC recommends that users and administrators review the NJCCIC page dedicated to the Meltdown and Spectre vulnerabilities, review the paper on Spectre 1.1 and Spectre 1.2, and apply patches if and when they become available.
