Prošla je godina dana a nebo se još nije srušilo. Neki junaci čak preporučaju disejblanje patcheva.
https://www.techrepublic.com/article...ns-of-malware/
Citiraj:
|
Researchers have gathered more than 130 samples of malware that try to exploit Meltdown and Spectre, although most appear to be proof-of-concept code.
|
https://twitter.com/avtestorg/status/959332840675708929
Citiraj:
|
Most samples are binaries (compiled for Windows, Linux and MacOS), but we also found the first working JavaScript PoC for Spectre.
|
Citiraj:
|
Yes, similar to existing attacks, attackers can only mount our attacks in practical settings once they have the ability to execute (unprivileged) code on the victim machine. We could convince ourselves this is still an obstacle, but we should first be prepared to disable JavaScript (and similar) in the browser, abandon cloud computing, etc.
|
Browseri nemaju elevated privileges, pa kako onda maliciozni JS upogoniti?
Izgleda da moraš biti PhD da napraviš exploit tih vulnerabilitija.
Apokalipsa odgođena do daljnjega?