|
Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems. |
-
Google’s JavaScript team: Spectre mitigation doomed to failure
That isn’t exactly what they said, but it’s pretty close. Here’s what they do say:
A year with Spectre… When it was shown that JavaScript could be used to mount Spectre attacks, the V8 team became involved in tackling the problem… offensive research [from the white and gray hats] advanced much faster than our defensive research, and we quickly discovered that software mitigation of all possible leaks due to Spectre was infeasible… the engineering effort diverted to combating Spectre was disproportionate to its threat level… the increasingly complicated mitigations that we designed and implemented carried significant complexity, which is technical debt and might actually increase the attack surface, and performance overheads… We still know of no attacks in the wild, outside of the curious tinkerers and professional researchers developing proof of concept gadgets
Make no mistake, Meltdown and Spectre could become nightmares. At some point in the far future. For now, don’t worry about it, OK?
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
Trying to backup Win 10 computer to iCloud
by 1 hour, 52 minutes ago
-
Windows 11 Insider Preview build 26200.5570 released to DEV
by 11 hours, 38 minutes ago
-
Windows 11 Insider Preview build 26120.3941 (24H2) released to BETA
by 13 hours, 26 minutes ago
-
Windows 11 Insider Preview Build 22635.5305 (23H2) released to BETA
by 13 hours, 27 minutes ago
-
No April cumulative update for Win 11 23H2?
by 15 hours, 45 minutes ago
-
AugLoop.All (TEST Augmentation Loop MSIT)
by 13 hours, 58 minutes ago
-
Boot Sequence for Dell Optiplex 7070 Tower
by 1 day, 5 hours ago
-
OTT Upgrade Windows 11 to 24H2 on Unsupported Hardware
by 1 day, 8 hours ago
-
Inetpub can be tricked
by 1 day, 9 hours ago
-
How merge Outlook 2016 .pst file w/into newly created Outlook 2024 install .pst?
by 2 hours, 30 minutes ago
-
FBI 2024 Internet Crime Report
by 1 day, 12 hours ago
-
Perplexity CEO says its browser will track everything users do online
by 1 day ago
-
Login issues with Windows Hello
by 1 day, 23 hours ago
-
How to get into a manual setup screen in 2024 Outlook classic?
by 1 day, 11 hours ago
-
Linux : ARMO rootkit “Curing”
by 2 days, 11 hours ago
-
Employee monitoring app leaks 21 million screenshots in real time
by 2 days, 11 hours ago
-
Google AI is now hallucinating idioms
by 2 days, 11 hours ago
-
april update
by 15 hours, 58 minutes ago
-
Windows 11 Insider Preview build 27842 released to Canary
by 2 days, 12 hours ago
-
Quick Fix for Slowing File Explorer
by 2 days, 12 hours ago
-
WuMgr not loading?
by 1 day, 8 hours ago
-
Word crashes when accessing Help
by 16 minutes ago
-
New Microsoft Nag — Danger! Danger! sign-in to your Microsoft Account
by 2 days, 12 hours ago
-
Blank Inetpub folder
by 2 days, 9 hours ago
-
Google : Extended Repair Program for Pixel 7a
by 2 days, 22 hours ago
-
Updates seem to have broken Microsoft Edge
by 2 days, 9 hours ago
-
Wait command?
by 2 days, 16 hours ago
-
Malwarebytes 5 Free version manual platform updates
by 3 days, 5 hours ago
-
inetpub : Microsoft’s patch for CVE-2025–21204 introduces vulnerability
by 3 days, 12 hours ago
-
Windows 10 finally gets fix
by 3 days, 21 hours ago
Remembering Woody
