Despite being known as a significant security vulnerability in modern processors like those from AMD and Intel, the Spectre issue remains unresolved even six years after its initial discovery. Recent statements by ETH Zürich researchers Johannes Wikner and Kaveh Razavi reveal that current AMD and Intel processors are still vulnerable to cyber-attacks.

AMD and Intel Remain Silent on the Issue

The researchers identified a major security flaw within the Indirect Branch Predictor Barrier (IBPB) in x86 chips. IBPB is a crucial defense mechanism against cyber-attacks on processors. However, a code error in Intel microarchitectures like Golden Cove and Raptor Cove renders this protection ineffective.

The speculative execution feature used in modern processors for performance optimization allows the CPU to predict and execute specific commands in advance. However, this feature can enable malicious attackers to access sensitive data. The attack method known as Post-Barrier Inception (PB-Inception) poses a serious security risk, particularly affecting AMD Zen 1(+) and Zen 2 processors.

Intel has released a microcode patch for this security vulnerability, tracked under CVE-2023-38575. AMD, meanwhile, has been tracking the issue under CVE-2022-23824 and published a security advisory in November 2022. Experts recommend that Intel users update their intel-microcode and AMD users apply kernel updates to stay protected.

While these updates don’t provide a complete solution for these processors, they do reduce the success rate of malicious attacks. Feel free to share your thoughts on this issue in the comments.