Two tech giants Microsoft and Google are joining hands reveal a new CPU cybersecurity vulnerability where its characteristics are very similar to the Meltdown and Spectre flaws. It’s called the Speculative Store Bypass and exploits speculative execution of modern PCs. This newly discovered vulnerability could affect performance as it includes firmware updates for CPUs.
Intel announced that it has already delivered microcode updates for Speculative Store Bypass which is in beta stage to OEMs. Intel expects a wider availability soon in the coming weeks. The Speculative Store Bypass protection will be set off by default with the firmware updates. This will also ensure that it doesn’t affect the user’s performance.
According to Intel’s security chief Leslie Culbertson, “If enabled, we’ve observed a performance impact of approximately 2-8 percent based on overall scores for benchmarks like SYSmark 2014 SE and SPEC integer rate on client 1 and server 2 test systems.”
And because of this, the users especially the system administrators will have to make a tough choice between security and optimal performance. It all finally comes down to the individual choice, just like it was in the case of Spectre. However, one relief is that this variant is less risky when compared with Spectre and Meltdown.