March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Latest Trickbot Campaign Delivered via Highly Obfuscated JS File
August 7, 2019Rewterz Threat Advisory – CVE-2019-0887 – Remote Desktop Services Remote Code Execution Vulnerability
August 8, 2019Rewterz Threat Alert – Latest Trickbot Campaign Delivered via Highly Obfuscated JS File
August 7, 2019Rewterz Threat Advisory – CVE-2019-0887 – Remote Desktop Services Remote Code Execution Vulnerability
August 8, 2019
Severity
High
Analysis Summary
The vulnerability dubbed “Spectre” affected microprocessors that performed branch prediction as a method of improving system performance when evaluating complex instruction paths run by the CPU. These processors would speculate on the most likely choice when presented with a series of choices. These choices could act on private data and bring this data into cache. A careful observer of access times could use the timing of these actions to infer the contents of the speculatively accessed memory by observing timing results (commonly referred to as a timing attack).
The specific instruction of interest (SWAPGS) is only available on the x86-64 architecture, as such only x86-64 platform vendors (Intel and AMD) are known to be affected.
Impact
- Information theft
- Exposure of sensitive information
Affected Vendors
- Intel
- Amd
Remediation
There is no known complete mitigation other than updating the kernel and rebooting the system.