[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Pretty much everything that can be induced to do speculative execution is vulnerable to one of these bugs. Most things with the right kind of JS compiler, which means most things which run browsers. Anything that runs arbitrary code (so virtual machines in clouds). Just be glad you donât run Windows when the fix/workaround is messier. As an attack probably overhyped, this sort of thing isnât the exploit of choice for attackers. You know reading 4GB or 64GB of RAM slowly in the hope of pulling out keys or passwords of interest is not the stuff of hackers dreams. On the other hand over time theyâll be modules for metasploit and similar tools. Attacks will get better. Why the advice from NCSC, apply patches as they become available seems sound. There is a lot of interest today, give it a week itâll be one more issue to make sure you have covered off. Must be one of the most pervasive types of bug weâve seen ever. -- The Mailing List for the Devon & Cornwall LUG https://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq