This post was originally published on this site

Posted by Matt Linton, Senior Security Engineer and Pat Parseghian, Technical Program Manager

[For technical details about this issue, please read Project Zero’s blog post]

Last year, Google’s Project Zero team discovered serious security flaws caused by “speculative execution,” a technique used by most modern processors (CPUs) to optimize performance.

The Project Zero researcher, Jann Horn, demonstrated that malicious actors could take advantage of speculative execution to read system memory that should have been inaccessible. For example, an unauthorized party may read sensitive information in the system’s memory such as passwords, encryption keys, or sensitive information open in applications. Testing also showed that

This post first appeared on Google security. Read the original article.

About The Author

Related Posts