Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

TA18-141A: Side-Channel Vulnerability Variants 3a and 4

Systems Affected

CPU hardware implementations

Overview

On May 21, 2018, new variants—known as Spectre 3A and 4—of the side-channel central processing unit (CPU) hardware vulnerability were publically disclosed. These variants can allow an attacker to obtain access to sensitive information on affected systems.

Description

CPU hardware implementations—known as Spectre and Meltdown—are vulnerable to side-channel attacks. Meltdown is a bug that "melts" the security boundaries normally enforced by the hardware, affecting desktops, laptops, and cloud computers. Spectre is a flaw that an attacker can exploit to force a CPU to reveal its data.

Spectre Variant 3a is a vulnerability that may allow an attacker with local access to speculatively read system parameters via side-channel analysis and obtain sensitive information.

Spectre Variant 4 is a vulnerability that exploits “speculative bypass.” When exploited, Variant 4 could allow an attacker to read older memory values in a...(continued)

View All Trending Stories