Google: This Spectre proof-of-concept shows how dangerous these attacks can be
Google issues a new warning about Spectre attacks using JavaScript to leak data from one site to another.
March 15, 2021 11:27 GMT (04:27 PDT) | Topic: Security
Google has released a proof of concept (PoC) code to demonstrate the practicality of Spectre side-channel attacks against a browser s JavaScript engine to leak information from its memory.
Google in 2018 detailed two variants of Spectre, one of which – dubbed variant 1 (CVE-2017-5753) – concerned Javascript exploitation against browsers. Spectre targeted the process in modern CPUs called speculative execution to leak secrets such as passwords from one site to another malicious site.