New Versions of Spectre Vulnerability Found

Chrome / Chromium, Edge, Safari and other browsers based on WebKit and Blink are under the thread
13 July 2018   1149

The information about new vulnerabilities in the mechanism of work of processors is published. The attack is based on the principles of the Spectre operation and consists in restoring the data in the processor cache when the instructions are speculative. Chrome introduces strict isolation of sites.

How it works

Specter 1.1
It is based on the principles of the Specter 1. Unlike the previously identified vulnerability, the code is executed, not read. This causes the buffer to overflow and cache the results. This method of attacks allow to restore the contents of the cache and send information to third-party channels that analyze the access time to the cached and not pro-cached data.

Specter 1.2.
The principle of operation is similar to the execution of Spectra 1 scenarios, but memory areas with a "read only" flag are used. In doing so, Specter 1.2 only achieves the definition of pointer and metadata values ​​to bypass the constraints of sandbox environments.

Solution

The available methods for eliminating vulnerabilities require further development and modernization. One of the many scenarios involves adding LFENCE instructions to the application compilation process or at the hardware level. In addition, existing buffer overflow modes can also be an effective protection against vulnerabilities.

Browsers

Chrome / Chromium, Edge, Safari and other browsers based on WebKit and Blink are under the thread. It is based on opening a page with a decorated JavaScript code and forms in JIT the necessary set of instructions for the attacker. This code execution script allows to read the contents of the process address space and get information about stored keys and passwords.

In this regard, Google introduces strict isolation of sites for 99% of users of Chrome 67. The mechanism is to place different pages of sites in the memory of different processors using a personal safe execution environment. The introduction of the strict isolation mode will increase the processor's memory consumption by the browser by 10-13%.

Node.js v12.0.0 to be Rolled Out

It has giant list of updates, improvements and changes
24 April 2019   128

The release of Node.js 12.0.0, a platform for executing network applications in JavaScript, is available. Node.js 12.0 refers to branches with a long period of support, but this status will be assigned only in October, after stabilization. Updates for LTS branches are issued for 3 years. Support for the last LTS branch of Node.js 10.0 will last until April 2021, and the year before last LTS-branch 8.0 until January 2020. Support for the intermediate branch Node.js 11.0 will be discontinued in June 2019. The lifetime of the LTS branch 6.0 will end on April 30.

These are some of the large list of updates and new staff:

  • V8 engine was updated to version 7.4 with support for asynchronous stack traces, increasing await performance, parsing JavaScript and calls when the actual and declared number of arguments does not match;
  • TLS 1.3 is now supported in the tls module and TLS 1.0 / 1.1 is shutdown by default;
  • Enhancing protection and checks on the size of allocated memory in the Buffer class;

Get more info at official website.