INTEL IS SET to release patches for the fresh batch of Spectre speculative execution vulnerabilities on 21 May.
The chipmaker was originally set to release a patch on 7 May to tackle the flaws dubbed "Spectre Next-Generation" or "Spectre-NG", but according to German publication Heise, Intel asked the researchers who discovered the new flaws for more time.
It would appear Intel hit a few problems getting that patches ready in time, and therefore wants more time to push out a patch before the researchers go public with the specifications of some eight flaws they uncovered.
Intel's first patch will supposedly fix four "medium-risk" bugs while a second one, due 14 August, will fix the more serious "high-risk" flaws, which affect pretty much all of Intel's processor line up including the data centre-grade Xeon chips.
While the threat Spectre-NG poses is arguably not a major problem in the real-world, unless you let hackers get intimate access to your computer or network, the new flaws are rather insidious given they can let attackers bypass virtual machine isolation from cloud host systems and breach the security provided by Intel's Software Guard Extension.
Such flaws, if exploited, could enable the beach of software that trades on its ability to be secure and robust.
Heise claims that some ARM CPUs are also vulnerable to Spectre-NG, though notes that it remains unclear if AMD's processors are also at risk, and if so, to what extent.
AMD said in a statement last week that it's "looking into the matter and want to share information as appropriate, adding: "Security and protecting users' data is of the utmost importance to AMD and we are aware of it speculative execution exploits."
The patches Intel will push ut will only be temporary software fixes and mitigations given the Spectre vulnerability exists at the heart of processor architecture. As such, Intel's next wave of chips designed after the Spectre and Meltdown flaws came to light, will need to have a different design to their predecessor processors in order to banish the spectre of Spectre. µ
You're not the voice, try and understand it
Not 'Appy bunnies
News reaches us, per Plex