• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

New "Spectre" Variant Hits Intel CPUs, Company Promises Quarterly Microcode Updates

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
47,300 (7.53/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
A new variant of the "Spectre" CPU vulnerability was discovered affecting Intel processors, by security researchers Vladimir Kiriansky and Carl Waldspurger, who are eligible to bag a USD $100,000 bounty by Intel, inviting researchers to sniff out vulnerabilities from its processors. This discovery, chronicled under CVE-2018-3693, is among 12 new CVEs Intel will publish later this week. The company is also expected to announce quarterly CPU microcode updates to allay fears of its enterprise customers.

The new vulnerability, like most other "Spectre" variants, targets the speculative execution engine of the processor, in a bounds-check bypass store attack. A malicious program already running on the affected machine can alter function pointers and return addresses in the speculative execution engine, thereby redirecting the flow of data out of protected memory address-spaces, making it visible to malware. This data could be anything, including cryptographic keys, passwords, and other sensitive information, according to "The Register." Intel chronicled this vulnerability in section 2.2.1 of its revised speculative execution side-channel attacks whitepaper. You can also catch a more detailed whitepaper from the researchers themselves.



View at TechPowerUp Main Site
 
Joined
Apr 12, 2013
Messages
7,563 (1.77/day)
Considering the potential loss of revenues & face, a 100 grands sounds like peanuts to me! If only Intel would've spent more on making processors secure instead of hotchips presentation:ohwell:
 
Last edited:

las

Joined
Nov 14, 2012
Messages
1,693 (0.38/day)
System Name Meh
Processor 7800X3D
Motherboard MSI X670E Tomahawk
Cooling Thermalright Phantom Spirit
Memory 32GB G.Skill @ 6000/CL30
Video Card(s) Gainward RTX 4090 Phantom / Undervolt + OC
Storage Samsung 990 Pro 2TB + WD SN850X 1TB + 64TB NAS/Server
Display(s) 27" 1440p IPS @ 360 Hz + 32" 4K/UHD QD-OLED @ 240 Hz + 77" 4K/UHD QD-OLED @ 144 Hz VRR
Case Fractal Design North XL
Audio Device(s) FiiO DAC
Power Supply Corsair RM1000x / Native 12VHPWR
Mouse Logitech G Pro Wireless Superlight + Razer Deathadder V3 Pro
Keyboard Corsair K60 Pro / MX Low Profile Speed
Software Windows 10 Pro x64
Great. Didn't know Intel paid people to discover bugs. Does AMD pay people to find bugs too? I don't hear alot about Ryzenfall, Chimera and Masterkey these days. Only that it "should" be fixed in Zen 2.
 
Joined
Feb 18, 2013
Messages
2,186 (0.51/day)
Location
Deez Nutz, bozo!
System Name Rainbow Puke Machine :D
Processor Intel Core i5-11400 (MCE enabled, PL removed)
Motherboard ASUS STRIX B560-G GAMING WIFI mATX
Cooling Corsair H60i RGB PRO XT AIO + HD120 RGB (x3) + SP120 RGB PRO (x3) + Commander PRO
Memory Corsair Vengeance RGB RT 2 x 8GB 3200MHz DDR4 C16
Video Card(s) Zotac RTX2060 Twin Fan 6GB GDDR6 (Stock)
Storage Corsair MP600 PRO 1TB M.2 PCIe Gen4 x4 SSD
Display(s) LG 29WK600-W Ultrawide 1080p IPS Monitor (primary display)
Case Corsair iCUE 220T RGB Airflow (White) w/Lighting Node CORE + Lighting Node PRO RGB LED Strips (x4).
Audio Device(s) ASUS ROG Supreme FX S1220A w/ Savitech SV3H712 AMP + Sonic Studio 3 suite
Power Supply Corsair RM750x 80 Plus Gold Fully Modular
Mouse Corsair M65 RGB FPS Gaming (White)
Keyboard Corsair K60 PRO RGB Mechanical w/ Cherry VIOLA Switches
Software Windows 11 Professional x64 (Update 23H2)
here we go again... == come on Intel... you can do better than that.
 
Joined
Jan 17, 2006
Messages
932 (0.13/day)
Location
Ireland
System Name "Run of the mill" (except GPU)
Processor R9 3900X
Motherboard ASRock X470 Taich Ultimate
Cooling Cryorig (not recommended)
Memory 32GB (2 x 16GB) Team 3200 MT/s, CL14
Video Card(s) Radeon RX6900XT
Storage Samsung 970 Evo plus 1TB NVMe
Display(s) Samsung Q95T
Case Define R5
Audio Device(s) On board
Power Supply Seasonic Prime 1000W
Mouse Roccat Leadr
Keyboard K95 RGB
Software Windows 11 Pro x64, insider preview dev channel
Benchmark Scores #1 worldwide on 3D Mark 99, back in the (P133) days. :)
Because these bugs/vulnerabilities are only usable if you already have admin/root permissions on the machine you want to attack which makes these flaws pretty useless as far as i know.

Aren't they also mitigated in the latest AGESA?
 
Joined
Oct 10, 2009
Messages
795 (0.14/day)
Location
Madrid, Spain
System Name Rectangulote
Processor Core I9-9900KF
Motherboard Asus TUF Z390M
Cooling Alphacool Eisbaer Aurora 280 + Eisblock RTX 3090 RE + 2 x 240 ST30
Memory 32 GB DDR4 3600mhz CL16 Crucial Ballistix
Video Card(s) KFA2 RTX 3090 SG
Storage WD Blue 3D 2TB + 2 x WD Black SN750 1TB
Display(s) 2 x Asus ROG Swift PG278QR / Samsung Q60R
Case Corsair 5000D Airflow
Audio Device(s) Evga Nu Audio + Sennheiser HD599SE + Trust GTX 258
Power Supply Corsair RMX850
Mouse Razer Naga Wireless Pro / Logitech MX Master
Keyboard Keychron K4 / Dierya DK61 Pro
Software Windows 11 Pro
Great. Didn't know Intel paid people to discover bugs. Does AMD pay people to find bugs too?

It's not an uncommon way to test things or headhunt talented people.
 

Space Lynx

Astronaut
Joined
Oct 17, 2014
Messages
17,427 (4.68/day)
Location
Kepler-186f
Processor 7800X3D -25 all core
Motherboard B650 Steel Legend
Cooling Frost Commander 140
Video Card(s) Merc 310 7900 XT @3100 core -.75v
Display(s) Agon 27" QD-OLED Glossy 240hz 1440p
Case NZXT H710 (Red/Black)
Audio Device(s) Asgard 2, Modi 3, HD58X
Power Supply Corsair RM850x Gold
At this rate, I think I might just go Ryzen next year for my final build.
 

MT66

New Member
Joined
Feb 21, 2017
Messages
20 (0.01/day)
At this rate, I think I might just go Ryzen next year for my final build.
I think ryzen 3000 series is going to be very good, this is just a speculation on my part but AMD is claiming vega 7nm is touting 35% performance increase over Vega 14nm so if they can get close to that number on ryzen 3000 also getting that 7nm treatment that should be a pretty significant boost to performance.
 

las

Joined
Nov 14, 2012
Messages
1,693 (0.38/day)
System Name Meh
Processor 7800X3D
Motherboard MSI X670E Tomahawk
Cooling Thermalright Phantom Spirit
Memory 32GB G.Skill @ 6000/CL30
Video Card(s) Gainward RTX 4090 Phantom / Undervolt + OC
Storage Samsung 990 Pro 2TB + WD SN850X 1TB + 64TB NAS/Server
Display(s) 27" 1440p IPS @ 360 Hz + 32" 4K/UHD QD-OLED @ 240 Hz + 77" 4K/UHD QD-OLED @ 144 Hz VRR
Case Fractal Design North XL
Audio Device(s) FiiO DAC
Power Supply Corsair RM1000x / Native 12VHPWR
Mouse Logitech G Pro Wireless Superlight + Razer Deathadder V3 Pro
Keyboard Corsair K60 Pro / MX Low Profile Speed
Software Windows 10 Pro x64
I think ryzen 3000 series is going to be very good, this is just a speculation on my part but AMD is claiming vega 7nm is touting 35% performance increase over Vega 14nm so if they can get close to that number on ryzen 3000 also getting that 7nm treatment that should be a pretty significant boost to performance.

Won't happen core vs core

I'd be very happy if Zen 2 reaches 4.5 GHz... The 1700 in my server can't even do 4 GHz stable
 

las

Joined
Nov 14, 2012
Messages
1,693 (0.38/day)
System Name Meh
Processor 7800X3D
Motherboard MSI X670E Tomahawk
Cooling Thermalright Phantom Spirit
Memory 32GB G.Skill @ 6000/CL30
Video Card(s) Gainward RTX 4090 Phantom / Undervolt + OC
Storage Samsung 990 Pro 2TB + WD SN850X 1TB + 64TB NAS/Server
Display(s) 27" 1440p IPS @ 360 Hz + 32" 4K/UHD QD-OLED @ 240 Hz + 77" 4K/UHD QD-OLED @ 144 Hz VRR
Case Fractal Design North XL
Audio Device(s) FiiO DAC
Power Supply Corsair RM1000x / Native 12VHPWR
Mouse Logitech G Pro Wireless Superlight + Razer Deathadder V3 Pro
Keyboard Corsair K60 Pro / MX Low Profile Speed
Software Windows 10 Pro x64
Yeah true, but maybe he's talking overall (MT) performance?

Would easily be possible - if they up the max core/threads to 12/24 or 16/32

If they want to attract gamers, they need the clockspeed boost instead of adding more cores, preferably both

8C/16T with single/duo core boost at 4.5 GHz boost out of the box and 4.6-4.8 GHz max OC would be very good. Dream scenario

TSMC should be better for high clocks compared to GloFo
 

Space Lynx

Astronaut
Joined
Oct 17, 2014
Messages
17,427 (4.68/day)
Location
Kepler-186f
Processor 7800X3D -25 all core
Motherboard B650 Steel Legend
Cooling Frost Commander 140
Video Card(s) Merc 310 7900 XT @3100 core -.75v
Display(s) Agon 27" QD-OLED Glossy 240hz 1440p
Case NZXT H710 (Red/Black)
Audio Device(s) Asgard 2, Modi 3, HD58X
Power Supply Corsair RM850x Gold
Also if one invests in a freesync monitor it does make any loss of performance vs intel and nvidia go further, same with gsync and say you can only afford a gtx 1060 at 144hz 1080p, like sure you vant crank everything to ultra, but its all about that smoothness that really creates the experience if you have gsync. same thing/logic applies to any future all AMD builds I plan to do, not to mention I probably will be saving $300-400 by going Freesync 2 HDR600 over gsync HDR600 - and I do have every intention of buying a monitor like that in 2019 or 2020 when I do my ultimate build, so we will just see how things play out. I am leaning towards AMD even if its 10% slower across the board, mainly out of respect, but also because of no security issues, and on top of all that 10% is not really noticeable when you add in freesync or gsync, etc.
 

MT66

New Member
Joined
Feb 21, 2017
Messages
20 (0.01/day)
Won't happen core vs core

I'd be very happy if Zen 2 reaches 4.5 GHz... The 1700 in my server can't even do 4 GHz stable
Glofo is claiming 5ghz-ish with their 7nm process so I don't see why the tsmc 7nm process should not enable 5ghz-ish for ryzen 3000. I think an overlooked aspect of what AMD has been using process node wise is that its a 14nm samsung node used by Glofo, as far as I know samsung only make mobile centric processors where power efficiency is a premium and clock speed tend to be in the 1ghz to maybe 3ghz range, I dont believe there is a high performance variant of a samsung node just low power, TSMC and Glofo both state they will have both a high performance and low power verison of their 7nm process. This is why I believe the ryzen clock speeds have been lacking but power efficiency has been pretty good. Either way in time it will be revealed.
 
Joined
Aug 6, 2017
Messages
7,412 (2.75/day)
Location
Poland
System Name Purple rain
Processor 10.5 thousand 4.2G 1.1v
Motherboard Zee 490 Aorus Elite
Cooling Noctua D15S
Memory 16GB 4133 CL16-16-16-31 Viper Steel
Video Card(s) RTX 2070 Super Gaming X Trio
Storage SU900 128,8200Pro 1TB,850 Pro 512+256+256,860 Evo 500,XPG950 480, Skyhawk 2TB
Display(s) Acer XB241YU+Dell S2716DG
Case P600S Silent w. Alpenfohn wing boost 3 ARGBT+ fans
Audio Device(s) K612 Pro w. FiiO E10k DAC,W830BT wireless
Power Supply Superflower Leadex Gold 850W
Mouse G903 lightspeed+powerplay,G403 wireless + Steelseries DeX + Roccat rest
Keyboard HyperX Alloy SilverSpeed (w.HyperX wrist rest),Razer Deathstalker
Software Windows 10
Benchmark Scores A LOT
If they want to attract gamers, they need the clockspeed boost instead of adding more cores, preferably both
If they want gamers they first need to do something with this horrendous latency that CCX design produces, otherwise Intel will beat them in gaming as long as they keep using ring design.
 
Joined
Oct 5, 2017
Messages
595 (0.23/day)
Great. Didn't know Intel paid people to discover bugs. Does AMD pay people to find bugs too? I don't hear alot about Ryzenfall, Chimera and Masterkey these days. Only that it "should" be fixed in Zen 2.

You don't hear about them because they're not actually AMD specific bugs - They're bugs in ASMedia products that Intel also uses extensively. AMD already patched them, it didn't require Zen 2, and the root of the vulnerability was ASMedia

Meanwhile, there’s no sign of any effort by CTS Labs to address the backdoors and critical security flaws baked into tens of millions of Intel motherboards courtesy of their onboard Asmedia controllers, even though the ASM1042 and ASM1142 have shipped on Intel products for the past six years.

https://www.extremetech.com/computi...ith-amd-security-disclosures-digs-deeper-hole

The only reason that they were ever phrased as being solely AMD-relevant was that the company that publicised them, was making an attempt to manipulate AMD stocks. That's why the legal disclaimer on their site states: "CTS reserves the right to refrain from updating this website even as it becomes outdated or inaccurate. "

They're also linked to Viceroy Research (Who published a HYSTERICAL hit piece on AMD within hours of the CTS publication), and who have done this before, even going as far as to say "We take a financial position in our research and our readers should assume we have a position on the stock."

https://www.businesslive.co.za/bd/c...-out-the-info-to-make-a-killing-on-steinhoff/
 
Joined
Aug 6, 2017
Messages
7,412 (2.75/day)
Location
Poland
System Name Purple rain
Processor 10.5 thousand 4.2G 1.1v
Motherboard Zee 490 Aorus Elite
Cooling Noctua D15S
Memory 16GB 4133 CL16-16-16-31 Viper Steel
Video Card(s) RTX 2070 Super Gaming X Trio
Storage SU900 128,8200Pro 1TB,850 Pro 512+256+256,860 Evo 500,XPG950 480, Skyhawk 2TB
Display(s) Acer XB241YU+Dell S2716DG
Case P600S Silent w. Alpenfohn wing boost 3 ARGBT+ fans
Audio Device(s) K612 Pro w. FiiO E10k DAC,W830BT wireless
Power Supply Superflower Leadex Gold 850W
Mouse G903 lightspeed+powerplay,G403 wireless + Steelseries DeX + Roccat rest
Keyboard HyperX Alloy SilverSpeed (w.HyperX wrist rest),Razer Deathstalker
Software Windows 10
Benchmark Scores A LOT
This whole amdflaws business was a disgrace.
 
Joined
Mar 6, 2017
Messages
3,358 (1.18/day)
Location
North East Ohio, USA
System Name My Ryzen 7 7700X Super Computer
Processor AMD Ryzen 7 7700X
Motherboard Gigabyte B650 Aorus Elite AX
Cooling DeepCool AK620 with Arctic Silver 5
Memory 2x16GB G.Skill Trident Z5 NEO DDR5 EXPO (CL30)
Video Card(s) XFX AMD Radeon RX 7900 GRE
Storage Samsung 980 EVO 1 TB NVMe SSD (System Drive), Samsung 970 EVO 500 GB NVMe SSD (Game Drive)
Display(s) Acer Nitro XV272U (DisplayPort) and Acer Nitro XV270U (DisplayPort)
Case Lian Li LANCOOL II MESH C
Audio Device(s) On-Board Sound / Sony WH-XB910N Bluetooth Headphones
Power Supply MSI A850GF
Mouse Logitech M705
Keyboard Steelseries
Software Windows 11 Pro 64-bit
Benchmark Scores https://valid.x86.fr/liwjs3
If they want gamers they first need to do something with this horrendous latency that CCX design produces, otherwise Intel will beat them in gaming as long as they keep using ring design.
I figure that that will be solved by the introduction of DDR5 in the coming years.
 

rtwjunkie

PC Gaming Enthusiast
Supporter
Joined
Jul 25, 2008
Messages
14,019 (2.34/day)
Location
Louisiana
Processor Core i9-9900k
Motherboard ASRock Z390 Phantom Gaming 6
Cooling All air: 2x140mm Fractal exhaust; 3x 140mm Cougar Intake; Enermax ETS-T50 Black CPU cooler
Memory 32GB (2x16) Mushkin Redline DDR-4 3200
Video Card(s) ASUS RTX 4070 Ti Super OC 16GB
Storage 1x 1TB MX500 (OS); 2x 6TB WD Black; 1x 2TB MX500; 1x 1TB BX500 SSD; 1x 6TB WD Blue storage (eSATA)
Display(s) Infievo 27" 165Hz @ 2560 x 1440
Case Fractal Design Define R4 Black -windowed
Audio Device(s) Soundblaster Z
Power Supply Seasonic Focus GX-1000 Gold
Mouse Coolermaster Sentinel III (large palm grip!)
Keyboard Logitech G610 Orion mechanical (Cherry Brown switches)
Software Windows 10 Pro 64-bit (Start10 & Fences 3.0 installed)
At this rate, quarterly fixes should have us back to Northwood performance in no time. :rolleyes:
 
Joined
Apr 12, 2013
Messages
7,563 (1.77/day)
At this rate, quarterly fixes should have us back to Northwood performance in no time. :rolleyes:
And Intel will continue to mint more money by selling upgrades, especially for enterprise since it's a necessity.
 
Joined
Oct 5, 2017
Messages
595 (0.23/day)
If they want gamers they first need to do something with this horrendous latency that CCX design produces, otherwise Intel will beat them in gaming as long as they keep using ring design.

You're really overblowing that issue. AMD's Intra-CCX latency is actually slightly lower than Intel's Ring Bus architecture (39.38ns for data to travel between cores in a CCX, versus Intel's 43.10).

Yes, when you move between CCXs there's a difference, but especially with Ryzen 2, users won't see any difference at all until they move beyond 4 cores for a task. I'd also note that while Intel's monolithic design helps them to have 6 cores with low latency on the 8700K, the 7820X actually sees a dramatic jump in Ring Bus latency.

This was tested with DDR-2933 RAM by Tom's Hardware. The OC'd 2700X result used 3466.


 
Last edited:

Aquinus

Resident Wat-man
Joined
Jan 28, 2012
Messages
13,171 (2.79/day)
Location
Concord, NH, USA
System Name Apollo
Processor Intel Core i9 9880H
Motherboard Some proprietary Apple thing.
Memory 64GB DDR4-2667
Video Card(s) AMD Radeon Pro 5600M, 8GB HBM2
Storage 1TB Apple NVMe, 4TB External
Display(s) Laptop @ 3072x1920 + 2x LG 5k Ultrafine TB3 displays
Case MacBook Pro (16", 2019)
Audio Device(s) AirPods Pro, Sennheiser HD 380s w/ FIIO Alpen 2, or Logitech 2.1 Speakers
Power Supply 96w Power Adapter
Mouse Logitech MX Master 3
Keyboard Logitech G915, GL Clicky
Software MacOS 12.1
A malicious program already running on the affected machine can
Your machine might be at risk if it has already been infected. Really? I would have never known. :rolleyes:
 
Joined
Oct 5, 2017
Messages
595 (0.23/day)
Your machine might be at risk if it has already been infected. Really? I would have never known. :rolleyes:
This is different to that program already having access to all the data on your machine or in memory.

If you had a program on your machine that had no admin-level access, and was capable of doing very little malicious without that access, that's one thing. Some low-level adware or whatever.

This vulnerability would enable a program running in such restricted conditions, to access data beyond those restrictions. That's potentially quite significant.
 
Joined
Apr 30, 2011
Messages
2,716 (0.54/day)
Location
Greece
Processor AMD Ryzen 5 5600@80W
Motherboard MSI B550 Tomahawk
Cooling ZALMAN CNPS9X OPTIMA
Memory 2*8GB PATRIOT PVS416G400C9K@3733MT_C16
Video Card(s) Sapphire Radeon RX 6750 XT Pulse 12GB
Storage Sandisk SSD 128GB, Kingston A2000 NVMe 1TB, Samsung F1 1TB, WD Black 10TB
Display(s) AOC 27G2U/BK IPS 144Hz
Case SHARKOON M25-W 7.1 BLACK
Audio Device(s) Realtek 7.1 onboard
Power Supply Seasonic Core GC 500W
Mouse Sharkoon SHARK Force Black
Keyboard Trust GXT280
Software Win 7 Ultimate 64bit/Win 10 pro 64bit/Manjaro Linux
Won't happen core vs core

I'd be very happy if Zen 2 reaches 4.5 GHz... The 1700 in my server can't even do 4 GHz stable
Since we got from 3.9-4.1 to 4.2-4.4 with a refresh and without tweaks in the arch on basically the same production line which with some tweaks got from 14nm to 12nm, a full node improvement to 7nm alongside a big improvement encore can easily reach very close or above the 5GHz limit at stock boost for 1-2 thread needs. My 5 cents.
 
Top