20 07, 2018

Spectre Reemerges With Two New Variants

By |2018-07-20T16:32:25-07:00July 20th, 2018|Vulnerability & Threat Management|

In January 2018, chip-level design flaws — dubbed Spectre and Meltdown — in Intel processors made headlines as they affected every Intel chip for the last decade. The vulnerabilities could allow any application running on a user-level mode to access protected kernel memory areas. The next day, researchers announced Spectre (CVE-2017-5753 and CVE-2017-5715) was present [...]

23 05, 2018

Speculative Store Buffer Bypass, Rogue System Register Read

By |2018-05-23T17:16:43-07:00May 23rd, 2018|Vulnerability & Threat Management|

Bug bounties pay off, uncovering two more side-channel flaws in the wake of Meltdown and Spectre — Rogue System Register Read and Speculative Store Buffer Bypass. Timeline As soon as Google Project Zero publicized Meltdown and Spectre, researchers started hunting down related flaws. For any hackers not motivated enough by the impact of identifying such a widespread [...]