Something is brewing: A CPU bug risks virtual memory segmentation

At any given moment, attack and defense are in a cat and mouse game where each side gains a momentary advantage. What we’ve recently seen over the past few months is a situation where defense is playing catch-up with what appears to be a serious hardware bug.

Current speculations suggest that a serious CPU bug might allow code running in user space to read kernel space memory. Such capability will make it much easier for attackers to exploit other security bugs that exist in the system or read sensitive system data. Another speculative guess suggests that the bug allows one virtual machine an introspection into another virtual machine memory. This attack vector puts in danger virtual environments such as Amazon EC2 and Azure Hyper-V where multiple tenants can co-exist on a single physical machine.

Read more