Security researchers at the Worcester Polytechnic Institute in Worcester, Massachusetts and the University of Lübeck in Germany have detailed in an article, a new vulnerability affectin Intel processors. Called SPOILER, it is based on defects in speculative execution, exactly like the Meltdown and Spectrum faults unveiled last year. It applies to all Intel processors from Core models. Unlike Spectrum, it only concerns Intel. This flaw exploits a flaw in the implementation of the speculative execution created by Intel. Speculative execution consists in launching several instructions at the same time, without waiting for them to be requested by a program. This vulnerability causes direct leakage of information due to a physical address conflict.
Spoiler bypasses one of the security measures implemented by Intel to locate where information is stored in memory. Once this memory card is obtained, malware could easily recover all the information managed by the processor and exploit it on its own account. Security researchers believe that a software patch at the browser and operating system level will not be enough to completely block the vulnerability. Intel will be able to close the gap with an update of the processors, but at the cost of a significant impact on performance. One of the solutions will involve the implementation of a new generation of processors.