Experts speculate hackers will begin remotely exploiting Intel CPU vulnerabilities
According to foreign media reports on January 4, security experts believe that hackers will soon remotely exploit Spectre and Meltdown, two serious vulnerabilities in Intel (as well as AMD and ARM) processors.
Researchers disclosed details of the vulnerabilities on January 3: Spectre and Meltdown use three different flaws to bypass memory isolation mechanisms and access sensitive data, including passwords, photos, documents, and email. The CPUs of billions of products are currently affected, including PCs and smartphones, and cloud environments may also be vulnerable. Researchers have provided a defense strategy that uses kernel page table isolation (KPTI), and affected vendors are also releasing patches and workarounds.
Although the primary attack vector is local access (such as malware installed on the target machine), researchers think remote attacks via JavaScript are possible.
In response, researchers developed a proof of concept (PoC) that uses Spectre through JavaScript in Google Chrome to read private memory from it. The PoC shows that remote exploitation through JavaScript is feasible, so experts think it is only a matter of time before malicious attackers exploit the vulnerability. This is why some experts advise users to disable JavaScript and install ad blockers in their browsers.
In addition, several tech giants have analyzed possible remote attacks.
Mozilla
Having determined through internal experiments that these techniques can be used from web page content to read private information across different origins, Mozilla has decided to implement some protections in Firefox 57.
Google
Attacks are possible through JavaScript and WebAssembly. Google has informed customers that the current version of Chrome includes a feature called Site Isolation that can be manually enabled to prevent attacks. In addition, Google said it will include mitigations for the V8 JavaScript engine in Chrome 64, which will be released on January 23, and that other hardening measures will be added in a future release, but these measures may have a negative impact on performance.
Microsoft
Attacks can be launched through JavaScript code running in the browser. Microsoft has, however, released updated versions of its Edge and IE browsers to mitigate the vulnerabilities.
Informed sources revealed that senior executives at many well-known companies share the suspicion that hackers will exploit the vulnerabilities in the near future, among them Bryce Boland, Chief Technology Officer of FireEye Asia Pacific, and Sam Curry, Chief Security Officer of Cybereason.
Source: SecurityWeek