NetSpectre, The New Vector

Meanwhile, in Spectre (PDF) news, comes word from Ars Technica’s Peter Bright, of a newly discovered attack vector (PDF) (dubbed NetSpectre) using the pernicious speculative-execution in-built microscode from the Minds of Intel Corporation. Now – and this is truly lovely – the vectors’not local, but external and free from the usual constraint of the local environ thusly a perhaps logrithmically more pernicious (if there is such a thing) network-resident information operation. Thanks Intel You’re Swell!

“That impact is now a little larger. Researchers from Graz University of Technology, including one of the original Meltdown discoverers, Daniel Gruss, have described NetSpectre: a fully remote attack based on Spectre. With NetSpectre, an attacker can remotely read the memory of a victim system without running any code on that system.” – via Peter Bright,, whilst writing at Ars Technica

*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: