Collaborate Disseminate
By Waqas
Microsoft’s January patch was released amidst claims of addressing the
This is a post from HackRead.com Read the original post: Flawed Meltdown patch by Microsoft makes Windows more vulnerable
Continue reading Flawed Meltdown patch by Microsoft makes Windows more vulnerable
Microsoft’s updates for the Meltdown microprocessor mega-flaw inadvertently left users running Windows 7 64-bit systems open to a “way worse” flaw. Continue reading Microsoft’s Windows 7 Meltdown patch created ‘worse’ flaw
Microsoft’s early patches for the Meltdown chip flaw have introduced an even more serious vulnerability in Windows 7 that allows attackers to read kernel memory much faster and to write their own memory, according to an independent security researcher. The discovery is the latest twist in a monthslong saga around Meltdown and Spectre, which together have affected virtually all modern computer chips. The researcher, Ulf Frisk, discovered that the Microsoft-issued Windows 7 patches could allow an attacker to access every user-level computing process running on a machine. Normally, the hierarchy of Microsoft’s memory management would keep a number of operations secured on the kernel level. An attacker would need a foothold into a computing system in order to exploit the vulnerability. But once that foothold is established, “no fancy exploits” are needed, Frisk said. “Windows 7 already did the hard work of mapping in the required memory into every running […]
The post Microsoft’s Meltdown patches introduced a whole new vulnerability appeared first on Cyberscoop.
Continue reading Microsoft’s Meltdown patches introduced a whole new vulnerability
Microsoft’s January and February patches for the Meltdown vulnerability introduced an even more dangerous flaw that left Windows 7 and Server 2008 R2 systems vulnerable to complete compromise. The bug is somewhat ironic because it gives user-mod… Continue reading Meltdown Patches Left Windows 7, Server 2008 Systems Even More Vulnerable
New attack focuses on a different part of the branch prediction system. Continue reading As predicted, more branch prediction processor attacks are discovered
Has an unknown Israeli company called CTS Labs tried to exploit worries over microprocessor flaws for financial gain? Continue reading AMD announces Ryzen patch timeline as disclosure controversy rages
I am looking for a test program that can exploit Meltdown/Spectre on ARM cores.
Could see that there are test program for x86_64 architecture:
https://github.com/IAIK/meltdown
Is there similar test program available for AR… Continue reading Proof of concept Meltdown/Spectre for ARM cores
A roundup of notable security news from March 12 to 18, including data theft, mobile malware, compromised clients, and more.
Categories:
Security world
Week in security
Tags: AndroidcybercrimemalwareMeltdownSpectrevpn
(Read more…)
Th… Continue reading A week in security (March 12 – March 18)
By Waqas
The bug bounty program will remain open until December 31st, 2018.
This is a post from HackRead.com Read the original post: Microsoft Bug Bounty Program: $250k for Spotting Meltdown & Spectre Type Flaws
Continue reading Microsoft Bug Bounty Program: $250k for Spotting Meltdown & Spectre Type Flaws
Security researchers have come across an attack against PostgreSQL servers that installs cryptominer malware that’s hidden in a picture of actress Scarlett Johansson. The unusual attack was captured in a honeypot by researchers from security fir… Continue reading Attackers Deliver Cryptominer to PostgreSQL Servers as Scarlett Johansson Pic