8 matches found
New Ninth-Gen Intel CPUs Shield Against Some Spectre, Meltdown Variants
Intel’s new ninth-generation CPUs come packed with hardware-based protections against two variants of the infamous Meltdown and Spectre speculative execution attacks. The ninth-generation desktop Core processors are dubbed Coffee Lake, and became available for preorder on Tuesday. they’re built t...
Security Bulletin: IBM Netezza Host Management is affected by the vulnerabilities known as Spectre and Meltdown.
Summary IBM Netezza Host Management is affected by the vulnerabilities known as Spectre and Meltdown, which can enable CPU data cache timing to be abused to bypass conventional memory security restrictions to gain access to privileged memory that should be inaccessible. Vulnerability Details CVEI...
KVA Shadow: Mitigating Meltdown on Windows
On January 3rd, 2018, Microsoft released an advisory and security updates that relate to a new class of discovered hardware vulnerabilities, termed speculative execution side channels, that affect the design methodology and implementation decisions behind many modern microprocessors. This post...
New Microsoft Bug Bounty Program Looks To Squash The Next Spectre, Meltdown
In the wake of the Meltdown and Spectre flaws, Microsoft has rolled out a new bug bounty program targeting speculative execution side channel vulnerabilities. The limited time program is open until December 31, and offers up to $250,000 for identifying new categories of speculative execution...
VMware Virtual Appliance updates address side-channel analysis due to speculative execution
a. VMware Virtual Appliance Mitigations for Bounds-Check bypass Spectre-1, and Rogue data cache load issues Meltdown CPU data cache timing can be abused to efficiently leak information out of mis-speculated CPU execution, leading to at worst arbitrary virtual memory read vulnerabilities across...
VMSA-2018-0007:VMware Virtual Appliance updates address side-channel analysis due to speculative execution
VMSA-2018-0007.6 VMware Virtual Appliance updates address side-channel analysis due to speculative execution VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0007.6 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Virtual Appliance...
Experts Weigh In On Spectre Patch Challenges
The race to patch against the Meltdown and Spectre processor vulnerabilities disclosed last week is on. As of today, there are no known exploits in the wild impacting vulnerable Intel, AMD and ARM devices. Currently, vendors are focused on three main mitigation efforts. Patches that address the...
Reading privileged memory with a side-channel (Meltdown & Spectre)
We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to at worst arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts. Variants of this issue are known to affect many mode...