Researchers discover yet another Spectre vulnerability in Intel processors

Researchers discover yet another Spectre vulnerability in Intel processors


Intel reassures the public that there is no cause for concern regarding a newly discovered attack targeting their CPUs. The attack, known as Indirector, exploits the Indirect Branch Predictor (IBP) and Branch Target Buffer (BTB) on high-end Intel CPUs. Researchers at the University of California, San Diego described Indirector as a high-precision BTI attack that can potentially compromise the security of modern CPUs by allowing attackers to access sensitive information stored in memory.

Despite the severity of the attack, Intel asserts that existing mitigation guidelines, such as IBRS, eIBRS, and BHI, are sufficient to protect against Indirector. The chip giant has communicated with other hardware and software vendors to address the issue. Researchers have also proposed additional mitigation measures to safeguard against Indirector attacks.

The researchers have developed an iBranch Locator tool to facilitate IBP and BTB injection attacks, enabling them to bypass existing defenses and compromise CPU security. They reported their findings to Intel in February 2024, prompting the chip giant to take action and inform relevant stakeholders about the potential vulnerability. Intel’s response to the researchers’ report indicates that they believe previous mitigation guidelines are effective in addressing the Indirector attack and that no new measures are necessary.

Overall, the discovery of the Indirector attack highlights the ongoing challenges in ensuring the security of CPU technology. Researchers continue to identify vulnerabilities and develop attack methods that pose risks to sensitive data stored in memory. Collaborative efforts between researchers, chip manufacturers, and software developers are essential in addressing these threats and implementing effective mitigation strategies. Intel’s reassurance that existing guidelines are sufficient offers some comfort to users concerned about the security of their devices.

Article Source
https://fudzilla.com/news/59295-boffins-find-another-spectre-shaped-hole-in-intel-cpus