Endpoint Security

Chipmaker Patch Tuesday: Intel, AMD, Arm Respond to New CPU Attacks

Intel, AMD and Arm each published security advisories on Patch Tuesday, including for newly disclosed CPU attacks.

Chipmaker Patch Tuesday

Chip giants Intel, AMD and Arm each published Patch Tuesday security advisories to inform customers about vulnerabilities found recently in their products, including ones related to newly disclosed CPU attacks.

One of the CPU attacks was disclosed this week by researchers at Swiss university ETH Zurich. The researchers discovered a branch privilege injection issue, tracked as CVE-2024-45332, that they claim “brings back the full might of branch target injection attacks (Spectre-BTI) on Intel”.

The researchers claim that while Intel’s Spectre-BTI (aka Spectre v2) mitigations have worked for nearly six years, they have now found a way to break them due to a race condition impacting Intel CPUs. 

Spectre-style attacks could allow an attacker who has access to the targeted system to obtain potentially valuable information from memory, such as encryption keys and passwords.

In its advisory, Intel said it’s releasing microcode updates to mitigate CVE-2024-45332, which it described as a sensitive information disclosure issue. 

AMD has published an advisory to inform customers that — as stated by the researchers as well — the vulnerability does not impact its CPUs.

Advertisement. Scroll to continue reading.

Another CPU attack was disclosed this week by researchers at Dutch university VU Amsterdam. Their analysis, dubbed Training Solo, led to the discovery of three new classes of self-training Spectre v2 attacks, which highlight the limitations of domain isolation.

The researchers developed two exploits against Intel CPUs that can leak kernel memory at up to 17 Kb/s, and they found two new hardware flaws (tracked as CVE-2024-28956 and CVE-2025-24495), which “completely break the domain isolation and re-enable traditional user-user, guest-guest, and even guest-host Spectre-v2 attacks”.

Intel said it’s releasing microcode updates and prescriptive guidance to mitigate these vulnerabilities. 

AMD has published an advisory to say that its CPUs are not impacted by this attack. Arm CPUs, on the other hand, may be impacted. The chipmaker told customers that while this is not a new vulnerability, its security guidance has been updated to more explicitly highlight the risks.

Intel has published 25 new advisories covering dozens of vulnerabilities found across its products. 

The chip giant has patched high-severity vulnerabilities that can lead to information disclosure, DoS attacks or privilege escalation in Tiber Edge Platform, Graphics and Graphics Driver, Server Board, PROSet/Wireless, Gaudi, Xeon, Ethernet Network Adapter, Slim Bootloader, and Simics Package Manager products.

Medium-severity issues have been addressed in Intel’s RealSense, Ethernet Network Adapter, Ethernet Connections Boot Utility, oneAPI Level Zero, OpenVINO, Advisor, Endurance Gaming Mode, Arc GPU, Core and Xeon CPU, oneAPI DPC++/C++ Compiler, and QuickAssist Technology products. 

AMD has published three other new advisories. One covers four high-severity vulnerabilities in AMD Manageability Tools — their exploitation can lead to privilege escalation and potentially arbitrary code execution.

Another advisory describes two high-severity flaws in AMD Optimizing CPU Libraries (AOCL), which could also be exploited for privilege escalation and possibly code execution. The last advisory covers a medium-severity issue in uProf that can be exploited to delete arbitrary files. 

Related: Intel TDX Connect Bridges the CPU-GPU Security Gap

Related: AMD Patches CPU Vulnerability That Could Break Confidential Computing Protections

Related: New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones

Related Content

Vulnerabilities

The two chip giants have published over two dozen advisories describing recently identified security defects.

Vulnerabilities

The bugs could lead to arbitrary code execution, privilege escalation, or authentication rate-limit bypass.

Endpoint Security

More than two dozen advisories have been published by the chip giants for vulnerabilities found recently in their products.

Cloud Security

Dozens of vulnerabilities, bugs, and potential improvements have been identified by the tech giants’ security teams.

Endpoint Security

Researchers have disclosed technical details on a new AMD processor attack that allows remote code execution inside confidential VMs.

Endpoint Security

The PCIe flaws, found by Intel employees, can be exploited for information disclosure, escalation of privilege, or DoS.

Vulnerabilities

Intel, AMD and Nvidia have published security advisories describing vulnerabilities found recently in their products.

Cloud Security

Intel and AMD have published advisories after academics disclosed details of the new TEE.fail attack method.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version