uh oh... exploit effects windows, linux AND apple

http://www.hardocp.com/news.html?news=MzM3MTQsLCxoZW50aHVzaWFzdCwsLDE=

Security researcher Kris Kaspersky says he has plans to demonstrate how an attacker can exploit a flaw in Intel processors to remotely attack a computer using JavaScript or TCP/IP packets, regardless of what operating system the computer is running.

Kaspersky will demonstrate how such an attack can be made in a presentation at the upcoming Hack In The Box (HITB) Security Conference in Kuala Lumpur, Malaysia, during October. The proof-of-concept attacks will show how processor bugs, called errata, can be exploited using certain instruction sequences and a knowledge of how Java compilers work, allowing an attacker to take control of the compiler.

AMD need not apply

meh

If Intel has issues…AMD will likely have similar issues…will be interesting to see the PoC.

javascript or tcp/ip? pretty wide range of technologies… i think they mean java… either that or this whole article is bs… javascript would have to be on a per browser basis.

Its processor based…they are used tcp/ip/java to get them to issue what ever malicious data to the processor.

Yeah, its processor based so why is it limited to javascript? I don’t think you can even execute byte code with javascript…

^ I assume because it platform independent

I really don’t know about the technical details though

javascript isn’t executed by the OS though, its ran through the browsers javascript engine… The engine would have to be broken on every single browser if that was the case. Now if they are talking about java, that is OS independent, and can execute byte code. Two completely different technologies, you would think that a security research firm or whatever would know that…

Edit: read the article, im pretty sure they are talking about java and NOT javascript