Displaying items by tag: Spectre

Researchers at the University of Virginia School of Engineering computer science department have discovered vulnerabilities earlier in the speculative execution chain of a processor than the Spectre flaw which was made public in January 2018.

Avoiding processors that suffer from the Spectre vulnerability will, in some cases, mean that one has to buy a new CPU, a senior Linux systems administrator says.

A version of the CANVAS exploit platform, that can be used to test the vulnerability of computer systems or to break into remote systems using exploits that come along with it, has been leaked on the VirusTotal database and can now be accessed by all paid subscribers of the service.

A French researcher claims to have found a working exploit for the Spectre vulnerability on Linux systems on the VirusTotal database, the first such exploit to come to light since the flaw was made public by Intel back in 2018.

The OpenSSH project has implemented changes in its implementation of secure shell to guard against speculative execution and memory side-channel attacks — Spectre, Meltdown, Rowhammer and RAMBleed — developer Damien Miller says.

The head of the OpenBSD project, Theo de Raadt, has warned that more flaws related to speculative execution in Intel CPUs are likely to be found and that the two vulnerabilities found by Intel, as a result of examining the Foreshadow bug — found by two independent teams — are cause for much worry.

Despite the abysmal security record of its Android mobile operating system, Google loves to boast of its prowess in the field of security. Most of the time it does this by trying to show it is superior to other technology companies, with the latest example being Samsung.

Processor giant Intel says that a new vulnerability in its CPUs, known as TLBleed, is not caused by speculative execution and hence not related to Spectre and Meltdown, two flaws which were disclosed in January.

Intel chief executive Brian Krzanich has resigned after the company discovered he had a consensual relationship with a staff member in violation of Intel's non-fraternisation policy.

The OpenBSD project, which produces an UNIX-like operating system of the same name, has decided to disable support for hyperthreading for Intel processors as it could lead to data leaks in a manner similar to that caused by the Spectre flaws in Intel processors announced earlier this year.

Two new variants of the processor vulnerability known as Spectre, that was announced in January, have been announced by Google and Microsoft.

Intel has updated patches issued earlier for its Broadwell and Haswell range of processors to guard against one variant of the Spectre vulnerability.

Intel concealed information about two flaws in its processors from US cyber security officials and the latter only became aware of them when they were publicly disclosed a little more than six months after the processor behemoth was informed about them.

Processor giant Intel will give a demonstration of a concept 5G-connected PC during the forthcoming Mobile World Congress in Barcelona.

Processor giant Intel has issued a second set of patches for two flaws, named Meltdown and Spectre which were publicly disclosed in January, after there were problems with the first set of patches issued last month.

Thirty customer class action lawsuits and two securities class actions have been filed against Intel in connection with two vulnerabilities in its processor which were made public in January.

Intel reportedly warned its OEM partners about the Meltdown and Spectre processor flaws on 29 November, the same day that its chief executive, Brian Krzanich, sold a tranche of stock and options and netted a healthy profit.

The US Government was not on the priority list of entities which Intel chose to notify when it became aware of flaws in its processors that were finally divulged to the world earlier this month.

Linux creator Linus Torvalds has described the patches released by Intel for the Meltdown and Spectre bugs as "complete and utter garbage".

Intel says it has identified the reasons why the patches it issued for the Meltdown and Spectre vulnerabilities caused crashes on the Broadwell and Haswell platforms.