Two New Spectre-Class CPU Flaws Discovered - Intel Pays $100K Bounty

Ganesh The Awesome Senior Pre & Post-Sales Engineer at GlobalDots

13th July, 2018 1 Min read

Intel has paid out a $100,000 bug bounty for new processor vulnerabilities that are related to Spectre variant one.

The new Spectre-class variants are tracked as Spectre 1.1 (CVE-2018-3693) and Spectre 1.2, of which Spectre 1.1 described as a bounds-check bypass store attack has been considered as more dangerous.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

Spectre flaws take advantage of speculative execution, an optimization technique used by modern CPUs, to potentially expose sensitive data through a side channel by observing the system.

Speculative execution is a core component of modern processors design that speculatively executes instructions based on assumptions that are considered likely to be true. If the assumptions come out to be valid, the execution continues, otherwise discarded.

A team of researchers—Vladimir Kiriansky of MIT and Carl Waldspurger of Carl Waldspurger Consulting—has now discovered two sub-variants of Spectre Variant one.

The new Spectre variants come almost a month after researchers from Microsoft and Google disclosed a Spectre Variant 4 impacting modern CPUs in millions of computers, including those marketed by Apple.

Close-up view of a blue circuit board with various electronic components and capacitors. — Image Source

Latest Articles

Web Security

Three Ways CISOs Can Combat Emerging Threats in 2025

73% of CISOs fear a material cyberattack in the next 12 months, with over three-quarters convinced AI is advancing too quickly for existing methods to combat it. But what can CISOs do to prepare for the coming wave – and access the resources they need to deal with this evolving threat landscape? To find out, […]

11th November, 2024

Cloud Cost Optimization

How Optimizing Kafka Can Save Costs of the Whole System

Kafka is no longer exclusively the domain of high-velocity Big Data use cases. Today, it is utilized on by workloads and companies of all sizes, supporting asynchronous communication between even small groups of microservices. But this expanded usage has led to problems with cost creep that threaten many companies’ bottom lines. And due to the […]

Itay Tal Head of Cloud Services

29th September, 2024

Cloud Migration Service

Migrating Volumez RedHat VMs into Amazon Linux 2 for higher effective discounts rate of Saving Plan

A cloud data infrastructure company relied on extensive use of multiple instance types to test its products. But this made it difficult to optimize costs – a fact which had begun to impact their ability to scale the business. The GlobalDots team helped the company identify and implement a new infrastructure configuration that both saved […]

Itay Tal Head of Cloud Services

19th September, 2024

Compliance Automation

How Yuki Achieved SOC 2 Compliance 6x Faster

Overview A fast-growing Snowflake optimization platform was missing out on customers because they didn’t have the right data security compliance. Through multiple consultations and extensive vendor-testing, the GlobalDots team selected a solution to provide both tech and human support, helping the company achieve SOC 2 compliance within just 3 months – and win new customers […]

Itay Tal Head of Cloud Services

16th September, 2024

Back to Resources

Two New Spectre-Class CPU Flaws Discovered – Intel Pays $100K Bounty

Latest Articles

Unlock Your Cloud Potential