Security researchers have found eight new defects in computer chips, which are similar to the “serious” errors found at the beginning of this year.
In January, the team of companies rushed to fix the Crisis, and Spectrum of defects that, under certain conditions, allows attackers to steal data.
Recent discoveries allow stolen data in a similar manner and have been shown to work under laboratory conditions.
Chip-makers are now the analysis of the error reports before the details have been made public.High-risk
German news technology magazine c’t reported the news about the eight errors. It was said that several security teams had discovered the defects – that is nicknamed the Phantom of the Next Generation.
The teams that discovered the Spectrum NG of the family of the defects have been followed by the standard error of the disclosure of the protocols and chip-makers and other 90 days to respond and prepare patches before the release of the details. The term of 90 days on the release of information about some of the flaws expires on the 7th of May.
C not said that Intel had classified four of the flaws as “high risk” and the rest as “medium”. One of the more serious errors, in theory, could allow attackers to use its access to a vulnerable virtual pc to get on the server behind him, or in other similar software programs that are running on the same machine.
Cloud services such as Amazon AWS could be “especially affected” by this failure, he said.
Intel refused to comment on c no findings. It was said that the reports that it was planning to formally recognize the existence of the errors were premature.
“We believe strongly in the value of the co-ordination, dissemination and sharing additional details about any potential problem as we finish mitigations,” Intel said tech news site The Register.
Chip-maker AMD told Reuters that it was aware of reports about the fresh defects and was examining the findings.
“Taking into account what we have seen with the Crisis and Spectre, we should expect a long and painful cycle of updates, possibly even the performance or stability issues,” Yuriy Bulygin, a former Intel security researcher and chief security hardware signature Eclypsium, told Reuters.
Mr Bulygin said that the publicity around Spectre and the Crisis had made chip attacks a “hot” area of research.
“Bad actors have probably already invested in this type of attacks now,” he said.
None of the eight defects examined by c is not being used by cyber criminals to attack companies and extract data.
The German report is the latest in a series of security researchers who have searched for similar defects to the Merger and the Spectre. Previously, three teams have published reports about the errors that allow them to take data under laboratory conditions.