Working Windows and Linux Spectre exploits found on VirusTotal

From bleepingcomputer.com

Working Windows and Linux Spectre exploits found on VirusTotal

Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal.

The vulnerability was unveiled as a hardware bug in January 2018 by Google Project Zero researchers.

If successfully exploited on vulnerable systems, it can be used by attackers to steal sensitive data, including passwords, documents, and any other data available in privileged memory.

Spectre (CVE-2017-5753) side-channel attacks impact many modern processor models with support for speculative execution and branch prediction made by Intel, AMD, and ARM.

As Google found, Spectre also affects major operating systems, including Windows, Linux, macOS, Android, and ChromeOS.

Since its discovery, the hardware bug has received firmware patches and software fixes from all major processor and OS vendors.

Read more…