All Intel chips open to new Spoiler non-Spectre attack: Don’t expect a quick fix
An international team of security researchers has found a major flaw that affects Intel CPU chips. Spoiler, as researchers have dubbed the attack, is similar to the critical Spectre and Meltdown flaws that were uncovered in January of last year.
Intel received the findings of the report in December of 2018, but has not officially disclosed the vulnerability by issuing a CVE. The researchers believe that this is because the flaw will be incredibly difficult to patch, as a software fix won’t be sufficient, and a hardware solution would significantly impact CPU performance. As one of the researchers explained, “when it comes to the memory subsystem, it’s very hard to make any changes and it’s not something you can patch easily with a microcode without losing tremendous performance.” As a result, we are unlikely to “see a patch for this type of attack in the next five years.”