There is a serious security flaw in billions of Intel CPUs that can let attackers steal confidential data like passwords and encryption keys. Firmware updates can fix it, but at a potentially significant performance loss.
Seems very similar to Zenbleed in terms of using certain register optimisation and speculative execution to get crippling security exploits. Thus far I haven’t read too much into the detail of the attack, but this article on Zenbleed, written by the attack’s author, describes the attack in detail and how he came to find it using fuzzing techniques - in this case two sets of instructions that should have had the same result, but they didn’t.
The write-up for this one is presumably this one.