Once again, security researchers have discovered critical vulnerabilities in CPU chips that allow attackers to use a technique called speculative execution in order to get CPUs to leak sensitive information.
The January 2018 disclosure of a previous set of such flaws, called Meltdown and Spectre, sent shock waves through the infosec community. The new flaws are dubbed Microarchitectural Data Sampling (MDS). According to an Intel advisory, “MDS is a sub-class of previously disclosed speculative execution side channel vulnerabilities.” MDS comprises four related attacks, which “under certain conditions,” can provide “a program the potential means to read data that program otherwise would not be able to see.” The company said that it is not aware of campaigns exploiting these vulnerabilities in the wild.
Read more: Intel CPUs Impacted By New Class of Spectre-Like Attacks