Cyber security researchers have found a new security flaw that affects computing chips and is related to the Spectre and Meltdown chip flaws that emerged in January.
Security researchers at Microsoft and Alphabet’s Google on Monday disclosed the chip problem, known as Speculative Store Bypass or Variant 4.
The flaw affects many chips from Intel, AMD, and Softbank Group’s ARM. Researchers said the risks are low, partly because of web browser patches already issued earlier this year to address Spectre.
Microsoft, in its research findings, said that patches issued for common web browsers earlier this year greatly increased the difficulty of carrying out an attack with the newly discovered flaw.
Chips from Intel, AMD and ARM all have patches available, either directly from the makers or through software suppliers such as Microsoft.
Intel said it expects a performance slowdown of between 2 percent and 8 percent from the patches.
ARM said it expects a slowdown of between 1 percent and 2 percent.
Intel said that because of the low risk of a real-world attack, it would ship its patches turned off by default, giving users the choice whether to turn them on.
AMD also advised leaving the patches turned off due to the difficulty of carrying out an attack.
