Reading Time: 2 minutes

We are still far from a solution for the Meltdown and Spectre, considering the delay of the microcode releases and the complexity of the possible Spectre fixes…

And now, some security researchers from NVIDIA and Princeton have discovered new variants of the Meltdown and Spectre flaws that may be more difficult to be fixed (but also to be exploited) than the originals.

Those new variant are called MeltdownPrime and SpectrePrime, and have been discussed in a recent research paper.

Most of the software patches and changes addressed for Meltdown and Spectre will likely take care of also of those two new exploits, but the coming hardware fixes won’t! The researchers said they believe the “hardware protection against them will be distinct,” which means that chip makers may need to further change their designs to mitigate the threats.

“We believe that microarchitectural mitigation of our Prime variants will require new considerations. Where Meltdown and Spectre arise by polluting the cache during speculation, MeltdownPrime and SpectrePrime are caused by write requests being sent out speculatively in a system that uses an invalidation-based coherence protocol.”

The researchers were able to create new variants of Meltdown and Spectre with a separate class of cache timing side-channel attack known as Prime+Probe, described in 2015 by several of the researchers who found Meltdown and Spectre independently of Google’s Project Zero.

While no exploit code has been released for the attack, the researchers did note that they were able to test SpectrePrime on “a Macbook with a 2.4 GHz Intel Core i7 Processor running macOS Sierra, Version 10.12.6.” However, MeltdownPrime hasn’t been tested as thoroughly yet.

Attacks like MeltdownPrime and SpectrePrime are just proof-of-concepts, but they demonstrate how far-reaching and impactful the initial Meltdown and Spectre flaws will be for years to come.

Anyway will be very interesting see the response from different vendors and also for the main web site, that still does not cite those new variants.

For more information see also: