The aftermath of Spectre and Meltdown security vulnerabilities is still ongoing, and various new attacks (varying in severity and legitimacy) have surfaced online since Google’s Project Zero bought them to the fore. However, there really is a new subclass of speculative-execution attack, yet again outlined by Google and Microsoft.
Don’t be alarmed, as with the last Spectre and Meltdown vulnerabilities, this new attack is realistically about as dangerous to your home PC as a cat napping on your exhaust fans. That’s not to say it has no potential to be dangerous in the wrong hands, but no exploits have been spotted in the wild as of yet, and the current mitigations for Spectre Variant 1 will also make Variant 4 exploits pretty tricky.
Get more processing power for your money with the best AMD and Intel CPUs around.
Variant 4, or Speculative Store Bypass (SSB), utilises the same speculative execution channels as other variants outlined previously, and this means it opens up data extrapolation from a side channel - this time, that means a language-based runtime environment, the likes of which are most commonly found in web browsers.
As most common processor architectures feature similar construction and utilise speculative execution in some way during function, Variant 4 could apply in some way to many processors and architectures from various manufacturers, including Intel, AMD, and ARM.
from
https://www.pcgamesn.com/intel-amd-spectre-flaw-variant-4
Žádné komentáře:
Okomentovat