Intel, AMD and ARM CPUs hit by new Spectre vulnerability

(Image credit: Natascha Eibl and Intel)

A few days ago, Intel and ARM chips were found to be affected by a new Spectre vulnerability. Dubbed Spectre V2, AMD processors were thought to avoid the issue but new research shows that AMDs mitigation efforts to be inadequate.

The team of researchers from the Vrije Universiteit Amsterdam (via Tom's Hardware) in the Netherlands demonstrated a new Spectre attack that bypasses hardware mitigations put in place by Intel and ARM over the last few years. AMD was thought to be immune, or at least not significantly impacted but Intel have since revealed that AMD's chipset can present vulnerabilities. Since then, AMD released a security notice that confirms its vulnerability.

Spectre is a security vulnerability that affects modern microprocessors that perform speculative branch prediction. A side effect of this is the possibility of revealing data to attackers. Though Spectre itself dates back to 2017, similar vulnerabilities have been present for many years.

Beginning in 2018 security measures were put into place including OS updates, BIOS microcode mitigations and eventually, hardware fixes. However it looks like these measures weren't enough to prevent further exploits.

Tips and advice

The Nvidia RTX 3070 and AMD RX 6700 XT side by side on a colourful background — (Image credit: Future)

How to buy a graphics card: tips on buying a graphics card in the barren silicon landscape that is 2022

“The mitigations [implemented by Intel and Arm] work as intended, but the residual attack surface is much more significant than vendors originally assumed,” the researchers explained.

While end users are unlikely to fall victim to a Spectre attack, its still advisable to install the various protection updates as they become available, even if they can lead to a loss of performance. Luckily, many apps can be coded with little if any performance penalty, but code run via a web browser should be run with mitigations in place.

So, while news of new vulnerabilities are unwelcome, it’s important not to panic. It’s believed that these risks are rarely, if ever exploited. Malicious actors use easier methods to get what they want so as long as you keep your system up to date, there’s little, if anything to worry about.

Chris' gaming experiences go back to the mid-nineties when he conned his parents into buying an 'educational PC' that was conveniently overpowered to play Doom and Tie Fighter. He developed a love of extreme overclocking that destroyed his savings despite the cheaper hardware on offer via his job at a PC store. To afford more LN2 he began moonlighting as a reviewer for VR-Zone before jumping the fence to work for MSI Australia. Since then, he's gone back to journalism, enthusiastically reviewing the latest and greatest components for PC & Tech Authority, PC Powerplay and currently Australian Personal Computer magazine and PC Gamer. Chris still puts far too many hours into Borderlands 3, always striving to become a more efficient killer.