Jan 8, 2018, 10:28 PM
Good evening community,
we feel it is our duty to inform you that your browsers/systems could be compromised by attackers.
Now this is nothing new as you can guess. However, there is some critical difference between some regular attacks and those Meltdown/Spectre exploits.
On the night of 3rd-4th January, Google's Project Zero released three CVE (Common Vulnerabilities and Exposures) documents that are explicitly demonstrating the following exploits:
Within hours, security researchers were able to steal browser passwords/tokens - all just by visiting some malicious websites.
Seeing that it is possible to compromise your systems without leaving any trace (no logs nothing), please update your systems/browsers in order to protect your data!
Various vendors have already released emergency patches/updates that you should apply now.
How to protect your systems/browsers against Spectre/Meltdown:
https://www.cnet.com/how-to/how-to-fix-m...droid-ios/
we feel it is our duty to inform you that your browsers/systems could be compromised by attackers.
Now this is nothing new as you can guess. However, there is some critical difference between some regular attacks and those Meltdown/Spectre exploits.
On the night of 3rd-4th January, Google's Project Zero released three CVE (Common Vulnerabilities and Exposures) documents that are explicitly demonstrating the following exploits:
- CVE-2017-5715 (branch target injection - Spectre)
- CVE-2017-5753 (bounds check bypass - Spectre)
- CVE-2017-5754 (rogue data cache load - Meltdown)
Within hours, security researchers were able to steal browser passwords/tokens - all just by visiting some malicious websites.
Seeing that it is possible to compromise your systems without leaving any trace (no logs nothing), please update your systems/browsers in order to protect your data!
Various vendors have already released emergency patches/updates that you should apply now.
How to protect your systems/browsers against Spectre/Meltdown: