After patching the first wave of Specter and Meltdown attacks, many relaxed. Error. The CPU Specter and Meltdown vulnerabilities showed a whole new way to attack systems, and all its experts better safetys knew it was only a matter of time before new methods of attack were found.
Jann Horn, security researcher at Google Project Zero, like seems discovered a new method in a short time after the repair of the first Spectra fragility. Horn found a new way of attacking microprocessors. 
The security gap affects not only Intel processors. It also affects the chipsets (x86) of AMD, POWER 8, POWER 9, System z and some ARM processors. In short, it could allow unauthorized read access to memory in almost any 21 century processor.
Ο αριθμός της vulnerabilityς (CVE) για αυτό το πρόβλημα ασφαλείας είναι ο CVE-2018-3639.
Η Intel αποκαλεί αυτή την παράκαμψη Speculative Store (SSB), γνωστή και ως Specter Variant 4. Σε αντίθεση με το σφάλμα που ανακάλυψε ο Yuriy Bulygin, ο πρώην επικεφαλής της προηγμένης ομάδας απειλών της Intel, το system x86 management of Intel systems (SMM), SBB is a new attack method.
_____________________________
Another new but less dangerous Specter style security vacuum is that CVE-2018-3640, also known as Rogue System Register Read (RSRE) or Specter Variant 3a. With this vulnerability, local users may be able to obtain unauthorized disclosure of system parameters by analyzing side channels.
External attacks, through a browser and a malware page, are less likely with both Intel security loopholes.
This means (according to Intel):
“most browser developers have developed recently mitigation measures for Managed Runtimes, which significantly increase the difficulty of exploiting side channels. These techniques increase the difficulty of exploiting an SSB-based side-channel by a browser.”
Για την επίλυση του προβλήματος, η Intel έχει κυκλοφορήσει ενημερώσεις για μικροεπεξεργαστές σε μορφή beta για τους προγραμματιστές λειτουργικών συστημάτων, και κατασκευαστές συσκευών, προσθέτοντας υποστήριξη για την απενεργοποίηση της παρακαμπτήριας αποθήκευσης (Speculative Store Bypass Disable) (SSBD). Το SSBD παρέχει πρόσθετη protection, εμποδίζοντας την εμφάνιση της παράκαμψης Speculative Store. Η Intel ελπίζει ότι τα περισσότερα μεγάλα λειτουργικά συστήματα θα προσθέσουν υποστήριξη για το Speculative Store Bypass Disable (SSBD) ξεκινώντας από τις 21 Μαΐου 2018.
________________________
- Intel's press release without algae for silk ribbons
- Microsoft, Apple, Google, Facebook, Amazon and captivity
- WordPress 4.9.6 with 37 enhancements and 51 bug fixes
- 5 Linux tools for recovering data from corrupted drives
- Google's DeepMind: dopamine use from neural networks
