Two more speculative execution CPU flaws were discovered, the two new strains are called Spectre 1.1 and Spectre 1.2. The former enables attackers to perform a buffer overflow of CPU store cache, to write and run malicious code that captures data from previously-secured CPU memory sections. Spectre 1.1 is very similar to Spectre variant 1 and 4, but at the moment there's no mitigation that protects against Spectre 1.1.
Next we have Spectre 1.2, a vulnerability that enables writing to CPU memory sectors that are usually protected by read-only flags. The new bug impacts both Intel and ARM, and probably AMD too. More about both vulnerabilities can be read at BleepingComputer.
"As a result [of malicious Spectre 1.2 writes], sandboxing that depends on hardware enforcement of read-only memory is rendered ineffective," researchers say.
To exploit, similarly to most previous Meltdown and Spectre bugs, both vulnerabilities require the presence of malicious code on a user's PC, code responsible for running the attack. This somewhat limits the bug's severity, but doesn't excuse sysadmins who fail to apply patches when they'll become available.