, my friends Intel can already ask for music in Fantástico! This year is being marked by vulnerabilities that exploit, among other things, speculative execution as we covered in on Air # 262 and in this article.
So far, there have been three sets of vulnerabilities: Specter and Meltdown, Specter-NG, and now Specter V3a and V4.
When a house built on land is not appropriate, all that comes from trouble in the expected sequence. Many people think kicking the dead dog, but both the Google Project Zero team and the Microsoft security team continue to find all possible variations of breaches that could be exploited by hackers. And that's good!
On the 21st, Intel published the article CVE-2018-3640 (Rogue System Register Read V3a) it's the CVE-2018-3639 (Speculative Store Bypass V4) explaining how a malicious program can access various memory addresses and read their contents to steal sensitive data. Correction is not easy. In the article, Intel describes how the Specter can be exploited in a variety of ways and why the fix is not as simple as Meltdown, which exploits only a single processor loophole.
For vulnerabilities V3a and V4, the attack is to observe the system that attempts to predict user action to speed up response time, and when the processor misses the forecast, the expected information becomes vulnerable.
As we've explained before, as if every time you go to Starbucks, the system will try to anticipate what you want to expedite your order. Most of the time he gets it right (based on his routine, the order placed quickly); but in that particular vulnerability, it acts every time the forecasting system goes wrong. At this point, he can see in memory what was expected and BINGO! The attacker can obtain the sensitive information. as if I saw the Starbucks clerk throwing out a wrong order and thinking, "He didn't order cappuccino today, but because the clerk anticipated making one, it shows that this customer always orders this drink here, at least most of the time." .
Another problem with this vulnerability is that it “undercuts” the operating system, disrupting the execution prediction process, thereby causing memory and processor readings to be hampered by unnecessary information, thereby slowing down processing as a whole.
Several software vendors have either patched their own fixes to mitigate the problem or used a feature called site isolationin order to prevent attacks over the internet. As always, make your system as up-to-date as possible patches As for firmwares, it helps a lot to prevent possible attacks.