The Spectre Vulnerability in processors was one of the biggest talking points of 2018, and it would appear that 2019 has brought a similar vulnerability to the attention of cybersecurity experts. The potential exploit has been given the name ‘Spoiler,’ and it appears to concern all Intel-made processors since the 1st generation Intel Core. According to researchers, the severity of the Spoiler Vulnerability is not as high as the one saw in the Spectre exploit. However, they do state that by utilizing Spoiler, attackers could amplify attacks that target other vulnerabilities concerning memory leaks.
The short version of what the Spoiler Vulnerability consists of is that it could allow an attacker with minor local privileges to observe and map the physical memory addresses – an action that would not leak information from the memory, but may allow the attackers to focus on the important memory addresses if they happen to use another exploit.
Intel has recognized the Spoiler Vulnerability officially by adding it under the identifier ‘CVE-2019-0162.’ They have given it a severity score 3.8/10 – a rather low rating, but this is not a surprise considering the prerequisites that the attackers would need to make the Spoiler Vulnerability work in their favor. Not only would the attackers need local privileges, but they also would need physical access to the device – a requirement that reduces the impact the Spoiler Vulnerability may have in the future greatly.
Since the Spectre Vulnerability, Intel and other microprocessor manufacturers have released various fixes and tips that are meant to mitigate attacks of this sort. The same methods can be employed to protect systems from the Spoiler Vulnerability.