CNET también está disponible en español.

Ir a español

Don't show this again

iPhone 12 and 12 Pro review Netflix subscriber growth NASA Osiris-Rex Stimulus negotiation reckoning MagSafe accessories for the iPhone 12 The Haunting of Bly Manor ending Walmart Black Friday

7 new Spectre, Meltdown attacks uncovered by security researchers

The widespread Spectre and Meltdown vulnerabilities were first revealed in January.


The Spectre and Meltdown flaws aren't totally gone yet.

James Martin/CNET

Researchers revealed on Wednesday several new variants of the Spectre and Meltdown attacks, serious vulnerabilities that were uncovered earlier this year.  

Five are variations on the original Spectre attack, according to ZDNet, while the other two are variations of the Meltdown attack.

Spectre and Meltdown are vulnerabilities uncovered in the chips made by Intel and AMD or designed by Arm that run essential processes on a computer. These silicon chips handle extremely sensitive data, such as passwords and encryption keys. It's a big deal if they're left vulnerable to hacks. The issue was widespread because those chips, used in devices made by Apple, Google, Microsoft, Amazon and others, all share a similar structure. 

The new attacks impact AMD, Arm, and Intel CPUs, central processing units, to various degrees, according to ZDNet. The researchers says they've successfully demonstrated the seven attacks with proof-of-concept code (PDF).

Intel said these new attacks can be mitigated by previously reported methods.

"The vulnerabilities documented in this paper can be fully addressed by applying existing mitigation techniques for Spectre and Meltdown, including those previously documented here, and elsewhere by other chipmakers," the company said in an emailed statement. "Protecting customers continues to be a critical priority for us and we are thankful to the teams at Graz University of Technology, imec-DistriNet, KU Leuven, & the College of William and Mary for their ongoing research."

An Arm spokesman also said the attacks could be "addressed by applying existing mitigations" described in the chip company's white paper.  

AMD didn't immediately respond to requests for comment.

First published Nov. 14, 10:40 a.m. PT.
Update, 11:14 a.m. PT: Adds response from ARM.