Information Security News mailing list archives
New secret-spilling flaw affects almost every Intel chip since 2011
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 15 May 2019 06:51:32 +0000 (UTC)
https://techcrunch.com/2019/05/14/zombieload-flaw-intel-processors/ By Zack Whittaker TechCrunch May 14, 2019 Security researchers have found a new class of vulnerabilities in Intel chips which, if exploited, can be used to steal sensitive information directly from the processor., The bugs are reminiscent of Meltdown and Spectre, which exploited a weakness in speculative execution, an important part of how modern processors work. Speculative execution helps processors predict to a certain degree what an application or operating system might need next and in the near-future, making the app run faster and more efficient. The processor will execute its predictions if they’re needed, or discard them if they’re not. Both Meltdown and Spectre leaked sensitive data stored briefly in the processor, including secrets -- such as passwords, secret keys and account tokens, and private messages. Now some of the same researchers are back with an entirely new round of data-leaking bugs. [...]
-- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
Current thread:
- New secret-spilling flaw affects almost every Intel chip since 2011 InfoSec News (May 15)