Security researchers have found a new way to abuse the speculative execution mechanism of modern CPUs to break security boundaries and leak the contents of kernel memory. The new technique abuses a system instruction called SWAPGS and can bypass mitigations put in place for previous speculative execution vulnerabilities like Spectre.
[ Keep up with 8 hot cyber security trends (and 4 going cold). Give your career a boost with top security certifications: Who they're for, what they cost, and which you need. | Sign up for CSO newsletters. ]The vulnerability was discovered by researchers from security firm Bitdefender and was reported to Intel almost a year ago. Since then, it has followed a lengthy coordination process that also involved Microsoft, which released mitigations during last month’s Patch Tuesday.
To read this article in full, please click here
Support the originator by clicking the read the rest link below.
