Intel Discloses New Speculative Execution Security Vulnerabilities

May 19, 2019

Thus far, no attacks actually utilizing Spectre and Meltdown have been spotted in the wild, beyond proof-of-concept work submitted by researchers. Similarly, taking advantage of MDS is trickier than this website implies. Attackers can’t directly control what’s in the buffers they target, for example, which means the exploit may leak old, stale data of no interest. Microcode updates for systems with Sandy Lake through Kaby Lake CPUs have already shipped out to customers. First-generation-and-following Coffee Lake and Whiskey Lake CPUs are immune to this attack already. The impact on performance from the fix is estimated to be ~3 percent.