Submission: Researchers automate Spectre exploits, find additional side-channel
ffkom writes: In a new paper, "MeltdownPrime and SpectrePrime: Automatically-Synthesized Attacks Exploiting Invalidation-Based Coherence Protocols", researchers describe an automated tool to write exploit code for Spectre-type attacks, tailored to different CPU architectures.
While using their tool, they also identified another side-channel that can be used for a new Spectre-variant they call "SpectrePrime": Instead of using speculative reads to fill caches, they use speculative writes that cause detectable changes to cache states, even when ultimately not executed.
In other news, one of the original Spectre researchers found Microsoft's compiler changes to mitigate Spectre type-1 attacks to be largely ineffective.