speculative execution
#iLeakage: All Apple CPUs Vulnerable — No Patch in Sight
Richi Jennings | | Apple Safari, ARM, Daniel Genkin, iLeakage, ios, macos, mobile safari, Safari, SB Blogwatch, Spectre, speculative execution, Webkit, WebKit engine
Son of Spectre: No fix for iOS, “unstable” workaround for macOS ...
Security Boulevard
Apple M1 Flaw Can’t be Fixed — PACMAN Panic
Richi Jennings | | Apple, ARM, M1, PACMAN, SB Blogwatch, speculative execution, Yo dawg we heard you had a vulnerability mitigator so we designed a vulnerability to mitigate your vulnerability mitigator
Apple’s M1 chip isn’t as safe from buffer overflows as previously thought. M1 and other designs based on ARMv8.3 can have their ‘PAC’ protection neutered ...
Security Boulevard
Specter of Spectre is Back, in New Micro-Op Cache Vuln
It’s been three years, but now researchers have disclosed new attacks on speculative execution in Intel and AMD chips ...
Security Boulevard
BlindSide: Intel/AMD Speculation Bugs Under Microscope Again
Researchers have published frightening details on what they’re calling BlindSide, which relies on co-opting our old friend speculative execution ...
Security Boulevard
Can Applications Withstand the ZombieLoad Attack?
As if Meltdown, Spectre and Foreshadow were not enough, recently a new critical vulnerability called ZombieLoad has been discovered that affects a series of modern Intel processors. This vulnerability enables a potential ...
Security Boulevard
Security Boulevard’s 5 Most Read Stories for the Week, August 13-17
Saleem Padani | | android malware, attorneys, consumer data, dynamic loading, fax protocol, Faxploit, Foreshadow, HIPAA, memory leak, multifunction printer, privacy rules, regulations, speculative execution, user privacy, Vulnerabilities
A new week, a new crop of security stories. Last week, lack of user privacy, man-in-the-attack, dumb privacy rules and Intel CPUs vulnerabilities made the headlines. In addition, we discussed how to get ...
Security Boulevard
New Foreshadow Vulnerabilities Defeat Memory Defenses on Intel CPUs
Lucian Constantin | | CVE-2018-3615, CVE-2018-3620, CVE-2018-3646, Foreshadow, memory leak, speculative execution
Security researchers have uncovered a new way to exploit the speculative execution feature of Intel CPUs to bypass memory security barriers and leak protected information. The vulnerability, known as Foreshadow or L1 ...
Security Boulevard
CPU Speculative Execution Hits Again with 2 New Spectre Variants
Lucian Constantin | | CVE-2018-3693, Google Chrome, Spectre mitigation, Spectre variant, speculative execution
At the beginning of this year, the Spectre and Meltdown vulnerabilities shined a spotlight on the security risks associated with the speculative execution feature of modern CPUs. Since then, researchers have kept ...
Security Boulevard
Intel Faces Yet Another Speculative Execution Flaw in Its CPUs
As predicted by security researchers, the Meltdown and Spectre vulnerabilities announced this year were just the tip of the iceberg when it comes to security issues related to the speculative execution feature ...
Security Boulevard
Meltdown Patches Left Windows 7, Server 2008 Systems Even More Vulnerable
Microsoft’s January and February patches for the Meltdown vulnerability introduced an even more dangerous flaw that left Windows 7 and Server 2008 R2 systems vulnerable to complete compromise. The bug is somewhat ...
Security Boulevard