Google and Microsoft find new strain of Spectre and Meltdown

Security researchers at Google and Microsoft have found a new variant of the Spectre security flaw that was first reported back in January this year.

Rumors of the latest CPU bug were disclosed by a German computer science publication earlier this month, but the details of the vulnerability were only officially revealed on Monday, May 21.

Called Speculative Store Bypass (or Variant 4), the new strain exploits similar vulnerabilities as the older Spectre and Meltdown bugs but, according to Intel, uses a different method to access sensitive information.

Partly patched

The new variant can be exploited by running script files (or text files which contain a sequence of commands) on programs like web browsers. If hackers manage to successfully exploit this vulnerability, they’ll be able to get sensitive information off other parts of the program, like another tab in the case of browsers.

Intel, however, has classified the new bug as medium risk, explaining in a blog post that most of the exploits it uses were fixed in the original wave of patches that were rolled out.

“We’ve already delivered the microcode update for Variant 4 in beta form to OEM system manufacturers and system software vendors, and we expect it will be released into production BIOS and software updates over the coming weeks,” said Intel’s vice president of Product Assurance and Security.

Slowing it down

As we saw with previous Spectre and Meltdown patches, these new processor firmware updates could potentially reduce system performance too. Intel says the mitigations will “be set to off-by-default”, meaning users who don’t enable the new protections should not experience the negative impacts of the patch, but obviously won't be protected either.

“If enabled, we’ve observed a performance impact of approximately 2-8 percent based on overall scores for benchmarks like SYSmark 2014 SE and SPEC integer rate on client 1 and server 2 test systems,” Culbertson said.

This puts the proverbial ball into the end user’s court, leaving them to choose between security and speed.

Sharmishta Sarkar
Managing Editor (APAC)

While she's happiest with a camera in her hand, Sharmishta's main priority is being TechRadar's APAC Managing Editor, looking after the day-to-day functioning of the Australian, New Zealand and Singapore editions of the site, steering everything from news and reviews to ecommerce content like deals and coupon codes. While she loves reviewing cameras and lenses when she can, she's also an avid reader and has become quite the expert on ereaders and E Ink writing tablets, having appeared on Singaporean radio to talk about these underrated devices. Other than her duties at TechRadar, she's also the Managing Editor of the Australian edition of Digital Camera World, and writes for Tom's Guide and T3.

Latest in CPU
John Loeffler holding the Ryzen 7 7800X3D
Great news! The best gaming CPU ever made is finally available for it's original MSRP again
The Ryzen AI Max+ 395 could power the latest generation of powerful mini PCs
The AMD Ryzen AI Max+ 395 dominates as the "most powerful" APU on the market, but its competition is questionable
Intel Lunar Lake concept
Intel's Panther Lake processors won't arrive until Q1 2026 - corroborates previous delay rumors despite former Intel CEO's promise of 2025 launch
Aoostar G-flip 370
There's no need for a monitor with this Ryzen AI-powered mini PC
The main battle pass characters in Fortnite Lawless, including Midas, Sub Zero and a large wolf-man
You'll finally be able to play Fortnite on Windows 11 Arm-powered laptops as Epic Games partners with Qualcomm
Ryzen 9000 promotional material
AMD's most powerful processor ever actually runs better on Windows 10 than Windows 11
Latest in News
Volvo Gaussian Splatting
Volvo is using AI-generated worlds to make its cars safer and it’s all thanks to something called Gaussian splatting
Perplexity Squid Game Ad
New ad declares Squid Game's real winner is Perplexity AI
Pedro Pascal in Apple's Someday ad promoting the AirPods 4 with Active Noise Cancellation.
Pedro Pascal cures his heartbreak thanks to AirPods 4 (and the power of dance) in this new ad
Frank Grimes confronts Homer Simpson in The Simpsons' Homer's Enemy episode
Disney+ adds a new continuous Simpsons stream, so you no longer have to spend ages choosing an episode
Helly and Mark standing on an artificial hill surrounded by goats in Severance season 2 episode 3
New Apple teaser for Severance season 2 finale suggests we might finally find out what Lumon is doing with those goats, and I don't think it's anything good
Nvidia GR00T N1 humanoid robot
Nvidia is dreaming of trillion-dollar datacentres with millions of GPUs and I can't wait to live in the Omniverse