Checking and patching your Microsoft Windows computer for Meltdown and Spectre
Overview
A Google team named Project Zero in mid 2017 identified vulnerabilities with many Intel, AMD and ARM CPU’s that allow speculative pre-processing of code to be abused. Speculative pre-processing aids performance which is why it exists. However when used maliciously it would allow an attacker to use JavaScript in a webpage to access memory that could contain information present in a users environment such as key strokes, passwords and personal sensitive information.
A very good overview on the how (and a little of the why) is summarised in a series of tweets by Graham Sutherland here.… [Keep reading] “Checking and patching your Microsoft Windows computer for Meltdown and Spectre”