Intel and AMD processors remain susceptible to the Spectre vulnerability more than half a decade following its initial disclosure, reports SC Media.
Threat actors have been mainly targeting x86 chips' Indirect Branch Predictor Barrier, which provides protections against speculative execution attacks, according to a study from ETH Zurich researchers, who noted that the issue has already been resolved by Intel in a microcode update.
"This microcode update was, however, not available in Ubuntu repositories at the time of writing this paper. We are currently working with the Linux kernel maintainers to merge our proposed software patch," said researchers.
The persistence of the Spectre vulnerability should prompt more stringent security defenses, according to cybersecurity experts. "Organizations should have a ‘defense-in-depth’ approach to security, where even if data is compromised from reading chip-level caches, there would be other ways to stop an attacker from using it. In addition, ensuring key systems are on segmented networks is important to prevent lateral movement," said Viakoo Labs Vice President John Gallagher.
