Intel Faced Expanded Spectre-Class CPU Flaws as Mitigations Shifted to Hardware
Researchers and industry reporting revealed that Intel processors were affected by a broader set of speculative-execution vulnerabilities beyond the original Meltdown and Spectre disclosures, including eight additional issues dubbed Spectre-NG. Several of the newly reported flaws were described as high risk, with at least one capable of crossing virtual machine boundaries and threatening cloud environments by exposing sensitive data such as passwords and cryptographic keys; reports also said Intel SGX protections were not sufficient against some of these attacks. The wider Spectre/Meltdown family affected Intel most heavily for Meltdown and Intel, AMD, and Arm for Spectre, reinforcing warnings that complete remediation would ultimately require hardware changes rather than software alone.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
9 events from the most recent confirmed update back to the earliest known activity.
Intel details hardware mitigations in new Core and Xeon processors
Intel disclosed mitigation coverage for Spectre and Meltdown across several processor families at its Fall Desktop PC event. It said some 9th Gen Coffee Lake Refresh chips included hardware fixes for Meltdown Variant 3 and L1 Terminal Fault, while other lines such as Xeon W-3175X still depended on software and firmware mitigations.
Intel documents a speculative buffer overflow in Spectre-NG
Intel documented a speculative buffer overflow issue as part of the Spectre-NG vulnerability set. This marked a technical disclosure step that added detail on one of the newly identified speculative-execution flaws.
Report says Intel postponed disclosure of Spectre-NG flaws
Follow-up reporting said Intel delayed disclosure of the Spectre-NG issues because patches were not yet ready. The report said an initial wave would cover four medium-risk flaws and disclose two high-risk flaws, with fixes for the high-risk issues expected later.
Heise reports eight new Intel speculative-execution flaws
A report said Intel processors were affected by eight additional previously unknown speculative-execution vulnerabilities, dubbed Spectre-NG, with four rated high risk and four medium risk. The report highlighted risks to cloud environments, possible cross-VM attacks, and exposure of SGX-protected data, while Intel said it had reserved CVEs and was coordinating disclosure.
Intel drops some Spectre microcode plans for older processors
Intel scaled back plans to release Spectre variant 2 microcode updates for certain legacy CPUs, including Core 2 processors and some first-generation Core models. The change reversed earlier plans to support some of those older architectures.
Intel announces hardware redesigns for Spectre protections
Intel announced partitioning-based hardware protections against Spectre for upcoming Cascade Lake Xeon processors and 8th Gen Core chips planned for the second half of 2018. It also said firmware updates were available for Intel products launched in the previous five years, while Meltdown would continue to rely on software mitigation.
Dell publishes impact guidance for side-channel CPU flaws
Dell issued a notice on the impact of CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754 on its enterprise products. The guidance described mitigation steps involving BIOS microcode, operating system patches, and in some cases NVIDIA driver updates.
Microsoft reports performance impact from Spectre and Meltdown patches
Microsoft said mitigations for the CPU flaws could noticeably slow older PCs, especially older Windows versions and older Intel processors. It said Spectre variant 2 mitigations were the main source of slowdown, while Intel separately said average users should not see major impact in common tasks.
Meltdown and Spectre vulnerabilities are publicly disclosed
Researchers disclosed the Meltdown and Spectre processor vulnerabilities, which can leak sensitive memory contents from affected devices. At disclosure, there was no evidence they had been exploited in the wild, and vendors and CERT advised applying available software and browser updates while noting hardware replacement would be needed for full remediation.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
15 references tracked. Mallory keeps watching after this page renders.
Microprocessor Side-Channel Vulnerabilities (CVE-2017-5715, CVE-2017-5753, CVE-2017-5754): Impact on Dell products | Dell US
dell.com
Open sourceA year with Spectre: a V8 perspective · V8
v8.dev
Open sourceIntel’s New Core and Xeon W-3175X Processors: Spectre and Meltdown Security Update
web.archive.org
Open sourceSpectre-NG: Intel dokumentiert "spekulativen Buffer Overflow" | heise online
heise.de
Open sourceIntel processors are being redesigned to protect against Spectre | The Verge
theverge.com
Open sourceSeitenkanal-Sicherheitslücken von Mikroprozessoren (CVE-2017-5715, CVE-2017-5753 und CVE-2017-5754): Auswirkungen auf Server, Storage und Netzwerke von Dell Technologies | Dell Österreich
dell.com
Open sourceMicrosoft tests show Spectre patches drag down performance on older PCs | PCWorld
pcworld.com
Open sourceWho’s affected by computer chip security flaw | The Augusta Chronicle
web.archive.org
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Speculative-Execution CPU Flaws Exposed Data Across Intel, AMD, and ARM Systems
Researchers disclosed the **Meltdown** and **Spectre** hardware flaws, showing that speculative execution in modern processors could let attackers read sensitive data across security boundaries on affected devices. Reuters reported that **Meltdown** primarily affected Intel processors by breaking memory isolation, while **Spectre** impacted Intel, AMD, and ARM chips by tricking applications into leaking secrets such as passwords and other protected data. CERT/CC later summarized the broader issue as cache side-channel attacks against CPU hardware using speculative execution, underscoring that the weakness was architectural rather than limited to a single product line. Major vendors and cloud providers moved to contain the fallout with software, firmware, and microcode mitigations, including Microsoft Azure protections for hosted customers and public advisories from manufacturers such as Huawei. Subsequent research showed the problem persisted beyond the initial disclosures: the **ZombieLoad** attacks demonstrated additional Intel data-leakage paths tied to speculative execution, and a later **TSX Asynchronous Abort (TAA)** variant affected some processors previously thought to be resistant. Intel issued microcode updates, but researchers and vendors warned that mitigations reduced rather than eliminated risk, that exploitation generally required local code execution, and that fully disabling the underlying CPU behavior would carry significant performance costs.
May 25, 2026
Meltdown and Spectre Flaws Triggered Broad Patching and Performance Tradeoffs
Researchers disclosed the speculative-execution attacks **Meltdown** (`CVE-2017-5754`) and **Spectre** (`CVE-2017-5753`, `CVE-2017-5715`), showing that modern Intel, AMD, and ARM processors could leak sensitive data across privilege boundaries through cache-timing side channels. Google Project Zero demonstrated kernel and virtual-machine memory disclosure, while browser vendors including Mozilla confirmed that web content could abuse similar techniques, prompting Firefox to reduce timer precision and disable `SharedArrayBuffer` by default. Microsoft, Apple, Linux distributors, cloud providers, and hardware vendors issued operating-system, browser, and microcode mitigations, with Microsoft saying Azure had already been updated and Intel later announcing hardware changes for future chips. Early mitigation rollouts brought significant operational concerns, including uneven performance degradation and unstable firmware updates. Linux and macOS testing found that common desktop benchmarks often changed little, but syscall-heavy, storage, and IO-intensive workloads could slow noticeably, with some macOS microbenchmarks degrading by roughly **2x to 4x** and Windows Server or older systems expected to see larger impacts than newer Windows 10 devices. Intel’s early Spectre-related microcode updates were later linked to reboots and possible data corruption, leading Microsoft to publish an emergency update that disabled one mitigation path, while vendors such as Dell and NetApp tracked product exposure and remediation guidance as the industry continued responding to follow-on speculative-execution issues.
May 27, 2026
Downfall CPU flaw exposes data on affected Intel systems via Gather Data Sampling
Intel, Microsoft, VMware, Xen, and Linux maintainers published mitigation guidance for **Downfall** / **Gather Data Sampling (GDS)**, a transient execution side-channel vulnerability tracked as **`CVE-2022-40982`** that affects multiple Intel processor generations from **Skylake through Tiger Lake/Ice Lake-era parts**. Research by Google’s Daniel Moghimi showed the flaw can leak sensitive data across security boundaries—including processes, the kernel, virtual machines, sibling threads, and some trusted execution environments—by abusing speculative execution of **gather** instructions to expose stale vector register contents. Reported impacts include theft of passwords, encryption keys, SGX-protected data, and other memory-derived secrets, with shared and cloud environments highlighted as particularly exposed. Intel said mitigation relies primarily on updated **microcode** that blocks transient results of gather instructions from being observed speculatively, while Microsoft directed Windows customers to obtain Intel platform updates from OEMs and noted the protection is enabled by default. VMware said hypervisor patches are generally not required if underlying firmware is updated, while Xen issued advisory **XSA-435** and stable-tree fixes plus options such as restricting **AVX** for untrusted guests. Intel and downstream guidance warned that mitigation can carry noticeable performance costs—minimal for many workloads but up to **50%** for gather-heavy applications—and added that newer Intel families such as **Alder Lake, Raptor Lake, and Sapphire Rapids** include protections and are not considered affected.
May 26, 2026