Spectre is the CPU vulnerability that just keeps on giving. Revisions to CVE-2017-5753 and CVE-2018-3693 this week reveal that Spectre 1.1 and 1.2 have emerged from the shadows.

Spectre is the CPU vulnerability that just keeps on giving. Revisions to CVE-2017-5753 and CVE-2018-3693 this week reveal that Spectre 1.1 and 1.2 have emerged from the shadows. So what are they, and how do you mitigate them and any exploits that follow?

 

They are, however, new variants of the original vulnerability and have been dubbed Spectre 1.1 and 1.2 as a result. Like most sequels, they aren’t quite as gripping as the original but nonetheless cannot be ignored. 

 

 

 

In a nutshell, Spectre 1.1 can leverage speculative stores to create speculative buffer overflows while Spectre 1.2 enables the targeting of CPUs without the proper read/write protection in order to breach sandboxes. 



Source link

NO COMMENTS

LEAVE A REPLY