Sci-tech

Meltdown and Spectre reveal Firefox passwords

Meltdown and Spectre reveal Firefox passwords”

The more pervasive flaw, dubbed Spectre, leaves the world's supply of microprocessors potentially vulnerable to attack, the researchers said.

Spectre is a name covering two different exploitation techniques known as CVE-2017-5753 or "bounds check bypass", and CVE-2017-5715 or "branch target injection". This means an attacker could obtain passwords, encyption keys or steal information from other applications.

IBM, meanwhile, stated that its engineering teams are working to determine "any potential impact" and resolutions, as its services and security organizations work with users to plan and update potentially impacted systems. Vulnerabilities discovered in Intel, AMD, and ARM hardware also affects Microsoft Surface devices, and in order to protect the devices against any attacks, the company released the dedicated firmware update. "We used our VM Live Migration technology to perform the updates with no user impact, no forced maintenance windows and no required restarts". "Google Cloud is architected in a manner that enables us to update the environment while providing operational continuity for our customers".

It did add that those using their own operating system with CGP might need additional updates and that some action was needed for Google Compute Engine and Google Kubernetes Engine customers.

A number of AV firms also say the believe their anti-virus is compatible with the patch but they have not yet updated the Windows registry on customer machines to allow the patch to be installed.

AWS officials said in a statement that all but a small, single-digit percentage of instances across the Amazon EC2 fleet were already protected, and remaining ones would be completed within hours.

In the longer term, we have started experimenting with techniques to remove the information leak closer to the source, instead of just hiding the leak by disabling timers.

For Microsoft's part, the company said in a statement that it has already secured "the majority of [its] Azure infrastructure" against the flaw.

Apple and AMD did not immediately respond to requests for comment.

The patch applies to all supported versions of Windows and Windows Server, Microsoft SQL Server and the Edge and Internet Explorer 11 browsers. The chances of this happening to the average user are slim, but still most certainly significant.



Like this

loading...
loading...

Latest


06 January 2018
Hip injury is a concern for Konta ahead of Sydney title defence
Konta said it was an entirely new injury and unlike anything she had experienced before in her career. Svitolina, 23, started the week as World No 6 but would finish it as No 4 if she wins the tournament.

06 January 2018
Range Resources Corporation (NYSE:RRC), Match Group, Inc. (NASDAQ:MTCH)
Vertex Pharmaceuticals Incorporated (NASDAQ:VRTX) earnings have risen with a quarterly rate of 3.8% over the last 5 years. Nordea Investment Management AB increased its holdings in shares of Range Resources by 33.2% in the 3rd quarter.

06 January 2018
The Blackstone Group LP (NYSE:BX) Future Growth Projections From Analysts
The company holds a market cap of 40.25B with a P/E of 14.35 indicating whether its share price properly reflects its performance. It turned negative, as 29 investors sold BX shares while 155 reduced holdings. 52 funds opened positions while 177 raised stakes.

06 January 2018
'Lunar trifecta' to adorn morning sky on January 31
But wait, wait - these two celestial events , the blue moon and the super moon, will also coincide with a total lunar eclipse. In California? You'll get a good view of totality , with the total phase starting at 4:51 a.m. and ending at 6:07 a.m.

06 January 2018
Petition to stop Slender Man movie gains thousands of signatures
Days after the Wisconsin stabbing , a 13-year-old girl in Hamilton County, Ohio, attacked her mother with a knife. When one of the girls goes mysteriously missing, they begin to suspect that she is, in fact, HIS latest victim'.

06 January 2018
Science Applications International Corporation (SAIC) Consensus Estimates Analysis
Finally, Scout Investments Inc. raised its holdings in shares of Science Applications International by 84.4% in the third quarter. Moreover, Ami Asset Mngmt has 0.82% invested in Carbonite, Inc. 66,877 are owned by Tiaa Cref Investment Ltd Liability Com.

06 January 2018
Charles Randell appointed as new FCA chairman
It was also confirmed that the corporate finance specialist had been handed the role of chair of the Payments Systems Regulator. Former Slaughter and May partner Charles Randell has been appointed as the new chair of the Financial Conduct Authority (FCA).

06 January 2018
Shares outperforming today's market Wal-Mart Stores, Inc. (NYSE:WMT)
It is flat, as 62 investors sold WMT shares while 508 reduced holdings. only 113 funds opened positions while 468 raised stakes. Grisanti Cap Management Lc reported 0.81% of its portfolio in Wal-Mart Stores, Inc. (NYSE: WMT ) for 571 shares.

06 January 2018
Winter storm pummels the East Coast
Officials feared that fast-dropping temperatures after the storm passed would turn remaining snow on roadways to ice. The high winds generated by the storm could cause widespread power outages to go along with blizzard conditions.

06 January 2018
Stryker (NYSE:SYK) Gets an Upgrade to a "Neutral" Rating
EHRLICH DONALD J also sold $960,736 worth of Danaher Corporation (NYSE:DHR) shares. 34,358 were accumulated by Addenda Capital. After $1.52 actual EPS reported by Stryker Corporation for the previous quarter, Wall Street now forecasts 28.29 % EPS growth.