In the network appeared information about new vulnerabilities that are found in processor architectures from Intel, AMD and ARM. Moreover, installed the patch against dangerous viruses Spectre and Meltdown does not protect against the possibility of a new break-in.
As the resource zdnet.com, talking about the issue at the conference Black Hat USA. Researchers from Bitdefender said that to retrieve data from the cache of the processors can bypass the protection from Spectre and Meltdown, because the attack is carried out via the side channels.
How does a new virus? In order to predict the branching commands, the speculative execution mechanism unloads the cache the most probable instructions. If the data processing is not allowed to guess the original command, the algorithm rolls back, then the procedure is repeated.
In the intervals between such attempts in the processor cache may contain not only garbage, but also passwords and other confidential information.
Information in this area not as well protected as the core of the OS itself, so a hacker can steal it using a brute force search of letters, numbers and symbols. The greatest danger lies in the fact that the theft of data is performed invisibly to the user.
Protection from burglary. It would seem that this vulnerability was already closed to Intel when fighting with the Meltdown and the Spectre. But, according to Bitdefender, the use of standard SWAPGS instruction in the x86-64 allows you to carry out a speculative load on all processors Intel, released in 2012.
Which users in “the affected area”? It is noteworthy that the July Microsoft patch under the number CVE-2019-1125 closes a vulnerability SWAPGSAttack. Here only under the threat remain users of Windows XP and other versions of redmondave. Safe remain only fans of Linux, which does not react to SWAPGSAttack.
Other news relating to events in the world of technology, gadgets, artificial intelligence, and space, see Techno