Google and Microsoft confirm new CPU security flaw
The latest find follows the Meltdown and Spectre vulnerabilities discovered earlier this year.
Microsoft and Google have confirmed a new processor vulnerability, similar to the Meltdown and Spectre flaws that were revealed at the beginning of the year.
Called Speculative Store Bypass (variant 4), it is said to work in a similar way to the Spectre flaw in that it exploited a tool used by most modern central processing units (CPUs).
This tool is the process where a computer executes a task before it’s certain it is needed, but does so to prevent the system from slowing down in order to complete it.
The Spectre exploit enabled hackers to extract data during this process.
Popular web browsers including Safari, Edge and Chrome were all patched to fix the issue, and fellow tech giant Intel has said: “These mitigations are also applicable to variant 4 and available for consumers to use today.”
However, Intel said when these latest updates are enabled, they could impact performance by between 2-8%, though the update would be “off-by-default”, meaning users would have to choose to enable it.
Following the Meltdown and Spectre incident, and now to a lesser extent variant 4, tech firms have been changing their design practices to protect against similar attacks.
Intel, for example, is building hardware protections into its processors which are due to ship later this year.
