Intel refutes claim that newly-uncovered Spectre vulnerability variants need patching with performance-leeching fixes
Researchers at the University of Virginia recently claimed that newly-uncovered variants of the Spectre CPU vulnerability could affect "billions" of devices with AMD and Intel processors. More concerningly, the nature of the exploits means that any potential patches could severely curtail processor performance.
Intel replied by stating that "existing mitigations were not being bypassed," though that is what the researchers appear to have demonstrated in their paper. Ashish Venkat, one of the paper's authors, had this to say with regards to Intel's security guidelines for Spectre: "Intel's suggested defense against Spectre, which is called LFENCE, places sensitive code in a waiting area until the security checks are executed, and only then is the sensitive code allowed to execute. But it turns out the walls of this waiting area have ears, which our attack exploits."
If this turns out to be a real issue, despite Intel's statement, a fix could put Intel and AMD in a quandary. The vulnerabilities exploit CPU branch prediction capabilities. Rolling back the speculative code execution functionality on older CPUs could have major performance implications.