Multiple New Spectre CPU Flaws Revealed


According to a report by C’T magazine, researchers have found several data-leaking Spectre CPU vulnerabilities in Intel chips, which they are calling “Spectre Next Generation” or Spectre-NG.

There are reportedly eight new CVE-listed vulnerabilities, which Intel has not confirmed for now. The company, however, has confirmed the reservation of Common Vulnerabilities and Exposures (CVE) numbers, which is part of the investigation and mitigation of possible issues.

"So far we only have concrete information on Intel's processors and their plans for patches. However, there is initial evidence that at least some ARM CPUs are also vulnerable," the report read.

According to the report, further research is also underway on whether the “closely related AMD processor architecture is also susceptible to the individual Spectre-NG gaps,” and to what extent.

The report also says that Intel is already working on its own patches for Spectre-NG and others in cooperation with the operating system manufacturers.

The company is reportedly planning on two waves of patches: first in May and another in August.

“We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations. As a best practice, we continue to encourage everyone to keep their systems up-to-date,” Leslie Culbertson, Executive Vice President and General Manager of Product Assurance and Security at Intel Corporation, said in a statement on Thursday, addressing questions regarding security issues.


New Intel Security Flaw Detected

F-Secure, a Finnish cybersecurity firm revealed on Friday that it has discovered another security flaw in the Intel hardware. This flaw could enable hackers to access corporate laptops remotely.

Earlier it was revealed that the Intel chip had flaws that made almost every smartphone, laptop, or tablets vulnerable to hackers. This flaw is allegedly unrelated to Spectre and Meltdown but is rather an issue within Intel Active Management Technology (AMT).

According to F-Secure, AMT is commonly found in most corporate laptops and the flaw will allow an attacker to take complete control over a user's device in a matter of seconds.

“The issue potentially affects millions of laptops globally," the cybersecurity firm said.

The hacker would need physical access to the device at first but once they had re-configured the AMT, they would be able to effectively “backdoor” the machine and access the device using a remote server, just by connecting to the same network as the user.

There is also a possibility that the hacker would be able to programme the AMT to their own server, thus bypassing the need to connect to the user’s network.

The hacker will be able to access all information on the device after exploiting the flaw and will be able to make changes, download malware, etc. quite easily. No solutions or security measures have been found as yet, other than choosing a strong AMT password or disabling the AMT completely.

McAfee Antivirus will be rebranded as Intel Security

Intel has decided to say Good bye to the McAfee brand name for its security software, the McAfee Security will be renamed "Intel Security".

The rebranding will begin immediately, but the company estimates it will take a year to complete.  The red McAfee shield logo will remain.

Along with the rebranding, Intel is offering the mobile version of McAfee's security solutions for free to use on iOS and Android devices.

The controversial founder of McAfee company, John McAfee told BBC that he was elated by the name change. 

"I am now everlastingly grateful to Intel for freeing me from this terrible association with the worst software on the planet. These are not my words, but the words of millions of irate users." he said.