Son of Spectre: researchers are about to announce eight more Meltdown-style defects in common microprocessors

The New Years revelation that decades' worth of Intel's processors had deep, scary defects called "Spectre" and "Meltdown" still has security experts reeling as they contemplate the scale of patching billions of devices that are vulnerable to attack.

As is often the case in security research, the development of a novel kind of attack has led to further work that tries variations on the theme to discover similar defects.

A group of researchers spoke to the German IT magazine "c't" about a pending disclosure of eight more Spectre/Meltdown-style defects in microprocessors; the report is short on details as the affected companies have been given a grace period to create patches and other mitigation strategies before the researchers publish. Mentioned in the report are Intel, ARM and AMD, though it's not clear which chips are vulnerable, or how grave the vulnerabilities are.

The magazine, called c’t, said it was aware of Intel Corp’s plans to patch the flaws, adding that some chips designed by ARM Holdings, a unit of Japan’s Softbank, might be affected, while work was continuing to establish whether Advanced Micro Devices chips were vulnerable.

'Next generation' flaws found on computer processors: magazine [Reuters]

(via /.)