Researchers have discovered a new variation of the Spectre CPU vulnerability which is easier to exploit than the original security flaw.
The vulnerability is named SplitSpectre, and is reportedly a variation of the original Spectre CPU security flaw which can be exploited via browser-based code.
While the CPU microarchitecture is still the target of the attack, a SplitSpectre attack is reportedly even easier to execute as part of the exploitation can be run within the attacker’s code instead of within the victim’s kernel.
Researchers successfully exploited this vulnerability by attacking systems with Intel Haswell and Skylake CPUs in addition to AMD Ryzen chips.
These researchers also created a tool named Speculator, which measures microarchitectural characteristics and examines a system for flaws.
This tool will be released as an open-source utility for vulnerability checking, the researchers stated.