The other two flaws are related and let user-based applications read each other's memory. Your secrets - passwords, credit-card numbers, sensitive documents - are no longer safe. The Meltdown attack that exploits this flaw makes it possible for user-based applications to read kernel memory, and thus any protected process on the machine. Also affected is ARM Cortex-A75 chipset, which will be used in the upcoming Qualcomm Snapdragon 845 system-on-a-chip for the next generation Android flagship phones. Meltdown also affects Apple's A7-through-A11 ("Bionic") line of mobile systems-on-a-chip used on the last few years of iPhones, iPads and iPod Touches. Unfortunately, that includes all Intel CPUs made since 1995, except for Atom chips before 2013 and Itanium chips. MORE: How to Protect Your Identity, Personal Data and Propertyģ) Of the three flaws, the first one affects only Intel chips, Apple mobile chips and at least one ARM chip. (Microsoft's Edge and Internet Explorer 11 browsers should be safe to use after you apply this week's Windows update, and the current version of Firefox will automatically update itself.) Antivirus software may be able to block the payloads of some JavaScript-based attacks, but the JavaScript implementation in modern browsers will need to be updated to prevent all Spectre attacks. The Spectre attacks can work both locally and via a malicious JavaScript in a web browser, which is technically local but provides a much bigger attack surface.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |