Intel details fourth Spectre-style CPU security flaw
There are fixes on the way, but it's still a headache.
Intel said it was expanding its bug bounty program to help find more Spectre-like processor security flaws, and unfortunately it just found one. The company (along with Google and Microsoft) has disclosed a fourth exploit (simply titled Variant 4) that once again uses speculative execution to expose some data through a side channel. The attack is so far known to work in a "language-based runtime environment" like the sort you'd see in a web browser (say, JavaScript), although Intel hadn't seen evidence of successful browser-based exploits.
Like earlier vulnerabilities, the new issue affects most modern chip architectures, including many of Intel's CPUs from the past few years.
The good news: many of the same patches for earlier Spectre and Meltdown variants should mitigate Variant 4. There is the potential for new exploits, however, so Intel and partners (including PC makers and operating system vendors) are releasing BIOS and software fixes in the "coming weeks." The new fix is turned off by default, though -- Intel estimates a roughly 2 to 8 percent performance hit in benchmarks, and it's clearly not eager to impose that penalty on users unless there's evidence of an exploit in the wild.
There won't be a permanent solution (complete immunity to the flaws, rather than mitigation) for Spectre-like exploits until Intel and its competitors release updated chips. As such, it won't be alarming if it turns out there are more disclosures like this. The industry hasn't really had such universal hardware-related flaws before, and it's not clear where they end.