Back in the start of 2018, Meltdown and Spectre CPU flaw affected most of the CPUs including Intel, ARM, and others. Months after the detection, Google's Project Zero’s (GPZ) and Microsoft have discovered another new form of Spectre-Meltdown CPU flaw; Speculative Store Bypass (variant 4). The latest vulnerability is similar to Spectre and exploits speculative execution that modern CPUs use. However, Intel claims that they have not seen any reports of this method being used in real-world exploits so far. Browsers like Safari, Edge, and Chrome were all patched for Meltdown earlier this year, and according to Intel, these mitigations are also applicable to variant 4 and available for consumers to use today. Similar to Spectre, the new Variant 4 will also affect performance upon fixing it with firmware updates. Intel says that it has already delivered the microcode update for Variant 4 in beta to OEMs and system software vendors, and the broad reach is expected to be available in the coming weeks. This update would set the Speculative Store Bypass protection to off-by-default, so users won't notice any performance impacts. However, if enabled, a noticeable performance impact of approximately 2 to 8% is seen based on overall scores for benchmarks like SYSmark 2014 SE and SPEC integer rate on client and server test ...
Read Here»
Post a Comment Blogger Facebook
We welcome comments that add value to the discussion. We attempt to block comments that use offensive language or appear to be spam, and our editors frequently review the comments to ensure they are appropriate. As the comments are written and submitted by visitors of The Sheen Blog, they in no way represent the opinion of The Sheen Blog. Let's work together to keep the conversation civil.