In this blog post, we will get into the details of the implementation of Spectre, the exploit that targets the vulnerbilities found in CPUs built by AMD, ARM, and Intel. We assume you are familiar with the concept of the attack, and you can inspect the Proof of Concept source code provided in the Appendix of the paper linked above. You might also find it easier to read this blog post with the source code side by side. [Read More]
by RSS Axelle Apvrille  |  Jan 17, 2018  |  Filed in: Security Research
  Introduction 2018 truly is starting off with a bang: fundamental CPU flaws dubbed Meltdown and Spectre were found affecting pretty much all modern processors developed since the Pentium Pro (1995). These flaws root in two critical CPU features: Out of Order Execution and Speculative Execution, which are crucial for performance. Since this is an important feature and not a bug, it is inherently hard to fix. Furthermore, for performance reasons, speculative execution is almost always implemented in hardware, so “fixes”... [Read More]
by RSS Minh Tran  |  Jan 12, 2018  |  Filed in: Security Research
Earlier this week, it was announced that researchers uncovered two new side channel attacks that exploit newly discovered vulnerabilities found in most CPU processors, including those from Intel, AMD, and ARM. These vulnerabilities allow malicious userspace processes to read kernel memory, thereby potentially causing sensitive kernel information to leak. These vulnerabilities are known as Meltdown and Spectre. [Read More]
by RSS Fortinet  |  Jan 04, 2018  |  Filed in: Business and Technology, Security Research