New BlindSide attack uses speculative execution to bypass ASLR



Academics have developed a new technique for attacking secure computer systems by abusing speculative execution, a CPU mechanism that’s normally used for performance optimizations.

The technique, named BlindSide, was detailed in a paper [PDF] published last week by a team of academics from the Stevens Institute of Technology in New Jersey, ETH Zurich, and the Vrije University in Amsterdam.

Read more…