The phantom returns: Researchers discover a new Spectre CPU attack, name it SplitSpectre
The discovery of the Spectre attack and the patches that followed it are not that far in the past, but the ghostly bug is now returning in a slightly different form. According to a team of three academics from Northeastern University and three researchers from IBM Research, a new variation of the Spectre vulnerability can be exploited using browser-based code.
Just like its predecessor, the SplitSpectre vulnerability (more details can be found in this research document) is a design flaw in the microarchitecture of contemporary processors and is exploited via speculative execution. The main difference is the attack method: the malicious instruction sequence now runs within the attacker's own code rather than in the target's kernel, which simplifies the entire procedure (click here for a detailed figure showing the original and improved attacks).
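To make the "design flaw exploited via speculative execution" concrete from the defender's side, the following C snippet is an added example written for this article; it is not code from the SplitSpectre paper, from the researchers, or from any vendor patch. It shows the shape of the bounds-checked array access that Spectre-style gadgets rely on, next to a hardened form that clamps the index with a branch-free mask (in the style of the Linux kernel's array_index_nospec helper) so that even a mispredicted branch cannot produce an out-of-bounds address. The arrays, sizes and the secret string are constructed sample data; the function names are my own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data for the example (not from the paper). */
#define ARRAY1_SIZE 16
static uint8_t array1[ARRAY1_SIZE] = {1, 2, 3, 4, 5, 6, 7, 8,
                                      9, 10, 11, 12, 13, 14, 15, 16};
/* A constructed secret placed near array1: an out-of-bounds array1[x]
   during speculation could reach memory like this. */
static const char secret[] = "constructed-secret";
/* Probe array: the index into it depends on the value read from array1,
   which is what turns a speculative read into a cache side channel. */
static uint8_t array2[256 * 512];

/* Classic bounds-check gadget shape (Spectre variant 1).
   Architecturally this is safe: the branch guarantees x is in range.
   The problem is that the CPU may run the body speculatively with an
   out-of-bounds x before the comparison resolves. */
uint8_t victim_function(size_t x) {
    uint8_t temp = 0;
    if (x < ARRAY1_SIZE) {
        temp = array2[array1[x] * 512];
    }
    return temp;
}

/* Branch-free mask: all ones when index < size, all zeros otherwise.
   (~index & (index - size)) has its top bit set only when index < size
   (assuming size <= SIZE_MAX/2), and no conditional branch is involved,
   so there is nothing for the predictor to mispredict. */
static inline size_t index_mask_nospec(size_t index, size_t size) {
    size_t top_bit = (~index & (index - size)) >> (sizeof(size_t) * 8 - 1);
    return (size_t)0 - top_bit;  /* 1 -> SIZE_MAX, 0 -> 0 */
}

/* The index that actually reaches memory after clamping. */
size_t clamped_index(size_t index, size_t size) {
    return index & index_mask_nospec(index, size);
}

/* Hardened form: the same check, but the memory access uses the clamped
   index, so a speculative out-of-bounds x collapses to index 0. */
uint8_t victim_function_hardened(size_t x) {
    uint8_t temp = 0;
    if (x < ARRAY1_SIZE) {
        size_t safe_x = clamped_index(x, ARRAY1_SIZE);
        temp = array2[array1[safe_x] * 512];
    }
    return temp;
}

int main(void) {
    (void)secret;
    printf("in-bounds 3  -> clamped %zu\n", clamped_index(3, ARRAY1_SIZE));
    printf("out-of-bounds 200 -> clamped %zu\n", clamped_index(200, ARRAY1_SIZE));
    printf("victim(3)=%u hardened(3)=%u\n",
           victim_function(3), victim_function_hardened(3));
    return 0;
}
```

The clamp only defends the bounds-checked read in the victim; it does nothing about the attacker-controlled half of a split gadget, which is exactly why the article's advice to apply vendor microcode and OS updates still applies. One practical caveat: an optimizing compiler that can prove x is in range may drop the mask entirely, so production code typically hides the index from the optimizer (the kernel uses an inline-assembly barrier for this) rather than relying on plain C as written here.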
That might sound scary, but — thankfully — systems that have been immunized against the original Spectre attack cannot be affected by its sibling, either. However, those who failed to install the updates can be successfully targeted with the SplitSpectre attack. After all, the original research team that discovered the initial Meltdown and Spectre attacks published no fewer than seven variations last month, and it was not such a big deal.
The final lesson? Always keep your software up to date, of course.