speculative-store-bypass – WindowsTechs.com

Software mitigation for variant 3a (rogue system register read) and variant 4 (speculative store bypass)

Posted on May 3, 2019 by Alex Vong

AFAIK, all mitigable meltdown / spectre variants have software mitigation except for variant 3a and 4. Why is this the case?

For variant 4, a straightforward software mitigation is to place lfence before all memory load oper… Continue reading Software mitigation for variant 3a (rogue system register read) and variant 4 (speculative store bypass)→

Are new AMD processors more secure than Intel ones?

Posted on September 6, 2018 by user3770060

Since the discovery of Meltdown and Spectre, CPU security has been compromised and trust to the main manufacturers reduced, particularly Intel. 8 months later I wonder, what CPUs are more secure at this moment?
Why? Have the patches achie… Continue reading Are new AMD processors more secure than Intel ones?→

Microsoft Fixes 11 Critical Flaws, Readies Patches for Spectre Variant 4

Posted on June 13, 2018 by Lucian Constantin

Microsoft has fixed 50 vulnerabilities in its products during this month’s Patch Tuesday, 11 of which are rated critical. The company has also released mitigation for the new Spectre variant announced last month, known as Spectre Variant 4 or Sp… Continue reading Microsoft Fixes 11 Critical Flaws, Readies Patches for Spectre Variant 4→

What is the attack vector for CVE-2018-3639 Speculative Store Bypass?

Posted on May 23, 2018 by Michael

We use Web Application deployed on a CentOS server.

Can the attack will be performed via a browser?
Or the attacker need a physical access to the CentOS server?

I cannot understand the attack vector from the RHEL: https://a… Continue reading What is the attack vector for CVE-2018-3639 Speculative Store Bypass?→