{"vulnerability": "CVE-2017-5715", "sightings": [{"uuid": "0c48a269-c6af-47a0-9a6f-1d2152dff936", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "MISP/5bef0001-cbc8-4ffd-b610-2f6e0a021402", "content": "", "creation_timestamp": "2018-11-16T17:39:31.000000Z"}, {"uuid": "5800bf11-6752-4d6e-9bba-be46b96cfc5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "MISP/9b06cb48-44e8-4fb3-ab5f-dd86f0cef2bf", "content": "", "creation_timestamp": "2024-11-14T06:08:00.000000Z"}, {"uuid": "f0624243-e94e-4ad6-b92b-a1efcc41afdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://gist.github.com/eplord/d70b16600e5a9ae87e57bbfbf2d45eac", "content": "", "creation_timestamp": "2025-01-26T08:13:49.000000Z"}, {"uuid": "5b1f610f-220e-4890-8c6a-dd897c988548", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://gist.github.com/eplord/c2619f99edd1fd90f026a47bd2a689b3", "content": "", "creation_timestamp": "2025-01-31T20:01:20.000000Z"}, {"uuid": "c5e2324b-2b8b-4cc7-a0b1-39bd2db73337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://gist.github.com/o9-9/cb201e5756f243f8ec77f5c6a50903fa", "content": "", "creation_timestamp": "2025-04-13T13:35:50.000000Z"}, {"uuid": "020cdc35-7f58-4f32-a97e-fd3dba5d910c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/N0iSeBit/55", "content": "\u0415\u0449\u0435 \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043c\u0438\u043a\u0440\u043e\u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u043d\u044b\u0445 \u0431\u0430\u0433\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441\u043e \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u044b\u043c\u0438 \u0432\u044b\u0447\u0438\u0441\u043b\u0435\u043d\u0438\u044f\u043c\u0438. \u0418\u0442\u0430\u043a, \u0432 \u0445\u0440\u043e\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043f\u043e\u0440\u044f\u0434\u043a\u0435: \n    Variant 1: Bounds Check Bypass \u2013 CVE-2017-5753\n    Variant 2: Branch Target Injection \u2013 CVE-2017-5715\n    Variant 3: Rogue Data Cache Load \u2013 CVE-2017-5754\n    Variant 3a: Rogue System Register Read \u2013 CVE-2018-3640  \n    Variant 4: Speculative Store Bypass \u2013 CVE-2018-3639\n\u0421\u0435\u0433\u043e\u0434\u043d\u044f Google P0 \u043e\u0431\u043d\u0430\u0440\u043e\u0434\u043e\u0432\u0430\u043b \u043d\u043e\u0432\u044b\u0439 \u0442\u0438\u043f \u0430\u0442\u0430\u043a \u0432\u0430\u0440\u0438\u0430\u043d\u0442 4, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0440\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u0441\u043e \u0441\u0442\u0435\u043a\u0430 \u0438\u0437 \u0434\u0440\u0443\u0433\u0438\u0445 \u043c\u0435\u0441\u0442, \u0430 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0442\u0435\u0445 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043e\u0436\u0438\u0434\u0430\u0435\u0442 CPU. \u0412 \u0438\u0442\u043e\u0433\u0435 \u0438\u043c\u043f\u0430\u043a\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439: 1) \u0427\u0442\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 2) \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \"\u0441\u0442\u0430\u0440\u044b\u0445\" \u043a\u043e\u043c\u0430\u043d\u0434 \u0438\u0437 \u043a\u044d\u0448\u0430.  https://bugs.chromium.org/p/project-zero/issues/detail?id=1528", "creation_timestamp": "2018-05-22T07:26:30.000000Z"}, {"uuid": "969cdc17-854f-4fb2-ab1e-e74ab304c84b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=259", "content": "", "creation_timestamp": "2018-01-12T04:00:00.000000Z"}, {"uuid": "2f804527-de44-4d0d-bfe6-50a67e734252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "exploited", "source": "https://t.me/BleepingComputer/2530", "content": "Here We Go Again: Intel Releases Updated Spectre Patches\n\nIn a press release on Tuesday, Intel announced it resumed the deployment of CPU microcode firmware updates. These updates are meant to mitigate the Spectre Variant 2 vulnerability \u2014CVE-2017-5715. [...]\n\nhttps://www.bleepingcomputer.com/news/hardware/here-we-go-again-intel-releases-updated-spectre-patches/", "creation_timestamp": "2018-02-22T12:55:09.000000Z"}, {"uuid": "6f1fcc8c-7215-4a69-878e-dd5b158320b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/BleepingComputer/2426", "content": "Microsoft Issues Windows Out-of-Band Update That Disables Spectre Mitigations\n\nMicrosoft has issued on Saturday an emergency out-of-band Windows update that disables patches for the Spectre Variant 2 bug (CVE-2017-5715). [...]\n\nhttps://www.bleepingcomputer.com/news/microsoft/microsoft-issues-windows-out-of-band-update-that-disables-spectre-mitigations/", "creation_timestamp": "2018-01-29T00:40:06.000000Z"}, {"uuid": "94a334e5-9526-46e9-a5cd-36ed638c0f89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "exploited", "source": "https://t.me/BleepingComputer/2742", "content": "AMD Releases Spectre v2 Microcode Updates for CPUs Going Back to 2011\n\nAMD has released CPU microcode updates for processors affected by the Spectre variant 2 (CVE-2017-5715) vulnerability. The company has forwarded these microcode updates to PC and motherboard makers to include them in BIOS updates. [...]\n\nhttps://www.bleepingcomputer.com/news/hardware/amd-releases-spectre-v2-microcode-updates-for-cpus-going-back-to-2011/", "creation_timestamp": "2018-04-11T10:01:27.000000Z"}, {"uuid": "1b95c660-5b5a-49b9-ab48-17f8449b9c85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "exploited", "source": "https://t.me/BleepingComputer/2305", "content": "List of Meltdown and Spectre Vulnerability Advisories, Patches, &amp; Updates\n\nThis article contains an continuously updated list of advisories, bulletins, and software updates related to the Meltdown and Spectre vulnerabilities discovered in modern processors. The related CVEs are CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754. [...]\n\nhttps://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/", "creation_timestamp": "2018-01-04T04:07:06.000000Z"}, {"uuid": "ae9da6dd-e46b-4b7e-ae93-578db43fe48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/BleepingComputer/5048", "content": "Windows 10 Spectre 2 Mitigation Now Uses Retpoline By Default\n\nIf you currently have mitigations enabled for the Spectre Variant 2 (CVE-2017-5715) vulnerability, Microsoft has now enabled the Retpoline Spectre mitigation feature\u00a0by default in Windows 10 version 1809 (October 2018 Update) for better performance. [...]\n\nhttps://www.bleepingcomputer.com/news/security/windows-10-spectre-2-mitigation-now-uses-retpoline-by-default/", "creation_timestamp": "2019-05-15T10:42:27.000000Z"}, {"uuid": "2e65a569-5bcb-4078-be5a-c937b3d0f0fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://gist.github.com/corviv/5b0f46dbc5cbeaccd6b23d65ee6b40bd", "content": "", "creation_timestamp": "2026-02-06T17:41:38.000000Z"}, {"uuid": "1f74919f-54f3-40c6-ad4f-a05946793370", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/meltdown-ja-spectre-hyokkaykset-hyodyntavat-prosessorien-ongelmia", "content": "", "creation_timestamp": "2018-12-31T06:05:10.000000Z"}, {"uuid": "fe837464-b135-4d47-9031-7fdabf07a7c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/BleepingComputer/2388", "content": "Red Hat Will Revert Spectre Patches After Receiving Reports of Boot Issues\n\nRed Hat is releasing updates that are reverting previous patches for the Spectre vulnerability (Variant 2, aka CVE-2017-5715) after customers complained that some systems were failing to boot. [...]\n\nhttps://www.bleepingcomputer.com/news/security/red-hat-will-revert-spectre-patches-after-receiving-reports-of-boot-issues/", "creation_timestamp": "2018-01-20T01:15:05.000000Z"}, {"uuid": "819452ad-afbb-43db-bf84-5d66abf6765b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "Telegram/dH9nJ24NArfkzignkNO3yFmaQA3HGs-6knNrGNPBh_LX2f1X", "content": "", "creation_timestamp": "2021-01-22T17:58:15.000000Z"}, {"uuid": "d8e77910-98ee-40ec-909a-8967abaf8241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/alexmakus/1635", "content": "\u0418 \u0435\u0449\u0435 \u0445\u043e\u0440\u043e\u0448\u0438\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 iOS \u2014\u00a0\u0432\u044b\u0448\u0435\u043b \u0430\u043f\u0434\u0435\u0439\u0442 iOS 11.2.2, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Spectre. \u0422\u0430\u043c, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u0430\u043f\u043e\u043c\u043d\u044e, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 JavaScript \u043c\u043e\u0433 \u0432\u043e\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u043f\u0430\u043c\u044f\u0442\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439. \u0412\u044b \u0437\u043d\u0430\u0435\u0442\u0435, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0442\u044c! \n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation\n\nDescription: iOS 11.2.2 includes security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).\n\nhttps://support.apple.com/en-us/HT208401", "creation_timestamp": "2018-01-08T19:36:47.000000Z"}, {"uuid": "6a8d4a6d-1ce5-4e87-b480-8b439d5b5363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/2723", "content": "\u200b\u200b\u0413\u0440\u0443\u043f\u043f\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 \u0410\u043c\u0441\u0442\u0435\u0440\u0434\u0430\u043c\u0441\u043a\u043e\u0433\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u0432 \u041d\u0438\u0434\u0435\u0440\u043b\u0430\u043d\u0434\u0430\u0445 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 Spectre, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b, \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c\u0438 Intel, AMD \u0438 Arm \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f\u00a0\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Spectre \u0438 Meltdown\u00a0\u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2018 \u0433\u043e\u0434\u0430, \u0441\u0430\u043c\u044b\u043c \u043e\u043f\u0430\u0441\u043d\u044b\u043c \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u0442\u0430\u043b Spectre v2 (\u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0439 \u043a\u0430\u043a CVE-2017-5715) \u0438\u043b\u0438 Spectre BTI (Branch Target Injection).\n\n\u0412\u043d\u043e\u0432\u044c \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043c\u0435\u0442\u043e\u0434\u044b \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u0435, \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0438\u0437 \u043f\u0430\u043c\u044f\u0442\u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u0435 \u0444\u0440\u0430\u0433\u043c\u0435\u043d\u0442\u044b \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u043c\u044b\u0435 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044e \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435\u00a0Retpoline, Enhanced Indirect Branch Restricted Speculation (eIBRS) \u0438\u00a0Arm\u00a0CSV2.\n\n\u041d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 VU Amsterdam \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u0434\u0435\u0442\u0430\u043b\u044f\u043c\u0438 \u0441\u0432\u043e\u0435\u0433\u043e \u0440\u043e\u0434\u0430 \u00ab\u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f Spectre v2\u00bb.\u00a0\u041d\u043e\u0432\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Branch History Injection (BHI) \u0438\u00a0Spectre-BHB. \u041e\u043d \u043e\u0431\u0445\u043e\u0434\u0438\u0442 \u043a\u0430\u043a eIBRS, \u0442\u0430\u043a \u0438 CSV2.\u00a0\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0431\u044b\u043b \u043d\u0430\u0439\u0434\u0435\u043d \u0438 \u0434\u0440\u0443\u0433\u043e\u0439 \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u043e\u0442\u043b\u0438\u0447\u0430\u044e\u0449\u0438\u0439\u0441\u044f \u0432\u0430\u0440\u0438\u0430\u043d\u0442 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 Intra-mode BTI (IMBTI).\n\n\u0410\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u0437\u0430\u0449\u0438\u0442\u044b \u043d\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u043f\u0440\u0435\u0434\u0438\u043a\u0442\u043e\u0440\u044b \u0434\u043b\u044f \u044f\u0434\u0440\u0430. \u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u0440\u0435\u0434\u0438\u043a\u0442\u043e\u0440 \u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u0441\u0442\u043e\u0440\u0438\u044e, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u0431\u0440\u0430\u0442\u044c \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438 \u0434\u043b\u044f \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f.\u00a0\u0424\u0440\u0430\u0433\u043c\u0435\u043d\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0431\u0449\u0443\u044e \u0438\u0441\u0442\u043e\u0440\u0438\u044e \u0432\u0435\u0442\u0432\u043b\u0435\u043d\u0438\u0439, \u0445\u0440\u0430\u043d\u044f\u0449\u0443\u044e\u0441\u044f \u0432 \u0431\u0443\u0444\u0435\u0440\u0435 \u0438\u0441\u0442\u043e\u0440\u0438\u0438 \u0432\u0435\u0442\u0432\u0435\u0439 \u0426\u041f (BHB), \u0434\u043b\u044f \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u043d\u0430 \u043d\u0435\u0432\u0435\u0440\u043d\u043e \u043f\u0440\u0435\u0434\u0441\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0435 \u0432\u0435\u0442\u043a\u0438 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0436\u0435\u0440\u0442\u0432\u044b, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e.\n\nIntel \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u043e\u0431\u0437\u043e\u0440\u043d\u044b\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u00a0\u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u043d\u043e\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0447\u0438\u043f\u043e\u0432 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u043a\u0430\u043a CVE-2022-0001 \u0438 CVE-2022-0002.\u00a0\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c \u0431\u044b\u043b \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u00ab\u0441\u0440\u0435\u0434\u043d\u0438\u0439\u00bb. Intel \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0431\u0443\u0434\u0443\u0449\u0438\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b, \u043a\u0430\u043a \u043e\u0436\u0438\u0434\u0430\u0435\u0442\u0441\u044f, \u0431\u0443\u0434\u0443\u0442 \u0432\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u043e\u0442 \u0430\u0442\u0430\u043a BHI, \u0430 \u043f\u043e\u043a\u0430 \u0447\u0442\u043e \u043e\u043d\u0430 \u043e\u043f\u0438\u0441\u0430\u043b\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0437\u0430\u0449\u0438\u0442\u044b \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f.\n\nArm \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u0432\u043e\u0438\u00a0\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0435\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f.\u00a0Arm \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Spectre-BHB \u043a\u0430\u043a CVE-2022-23960.\n\n\u041f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b AMD \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0432\u043b\u0438\u044f\u043d\u0438\u044e Spectre-BHB.\u00a0\u041e\u0434\u043d\u0430\u043a\u043e \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 grsecurity \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438\u00a0\u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u0438 \u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u044b.\u00a0\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2021-26341, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441\u043e \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u044b\u043c \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435\u043c \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0439 \u0432\u0435\u0442\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445.\u00a0AMD \u043f\u043e \u044d\u0442\u043e\u043c\u0443 \u043f\u043e\u0432\u043e\u0434\u0443 \u0442\u043e\u0436\u0435 \u0432\u044b\u0434\u0430\u043b\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e CVE, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442 \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u043f\u0435\u043a\u0443\u043b\u044f\u0446\u0438\u044f\u043c\u0438 \u043d\u0430 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u0430\u0445.\n\n\u041f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u043c \u0432\u0430\u0448\u0435\u043c\u0443 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0432 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0438 - \u0437\u0434\u0435\u0441\u044c", "creation_timestamp": "2022-03-11T16:40:00.000000Z"}, {"uuid": "2e701508-30d7-45ff-aeae-00badac6916e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/arpsyndicate/1952", "content": "#ExploitObserverAlert\n\nCVE-2017-5715\n\nDESCRIPTION: Exploit Observer has 195 entries related to CVE-2017-5715. Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.\n\nFIRST-EPSS: 0.975150000\nNVD-IS: 4.0\nNVD-ES: 1.1", "creation_timestamp": "2023-12-18T09:03:41.000000Z"}, {"uuid": "e858d79a-63c3-41ac-9c45-4ac89acab514", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/arpsyndicate/1801", "content": "#ExploitObserverAlert\n\nCVE-2017-5715\n\nDESCRIPTION: Exploit Observer has 195 entries related to CVE-2017-5715. Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.\n\nFIRST-EPSS: 0.975480000\nNVD-IS: 4.0\nNVD-ES: 1.1", "creation_timestamp": "2023-12-12T11:34:00.000000Z"}, {"uuid": "ce2fa576-e7f0-48d4-a50e-5d617df9dd0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "exploited", "source": "https://t.me/information_security_channel/14241", "content": "Microsoft Releases More Patches for Meltdown, Spectre\nhttp://feedproxy.google.com/~r/Securityweek/~3/1BeuylZzoq0/microsoft-releases-more-patches-meltdown-spectre\n\nMicrosoft informed users on Tuesday that it released additional patches for the CPU vulnerabilities known as Meltdown and Spectre, and removed antivirus compatibility checks in Windows 10.\nMeltdown and Spectre allow malicious applications to bypass memory isolation and access sensitive data. Meltdown attacks are possible due to CVE-2017-5754, while Spectre attacks are possible due to CVE-2017-5753 (Variant 1) and CVE-2017-5715 (Variant 2). Meltdown and Spectre Variant 1 can be resolved with software updates, but Spectre Variant 2 requires microcode patches.\nIn addition to software mitigations (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002), Microsoft recently started providing microcode patches as well. It initially delivered (https://www.securityweek.com/windows-updates-deliver-intels-spectre-microcode-patches) Intel\u2019s microcode updates to devices running Windows 10 Fall Creators Update and Windows Server 2016 (1709) with Skylake processors.\nNow that Intel has developed and tested patches (https://www.securityweek.com/intel-releases-spectre-patches-broadwell-haswell-cpus) for many of its products, Microsoft has also expanded the list of processors (https://support.microsoft.com/en-us/help/4093836/summary-of-intel-microcode-updates) covered by its Windows 10 and Windows Server 2016 updates. Devices with Skylake, Coffee Lake and Kaby Lake CPUs can now receive the microcode updates from Intel via the Microsoft Update Catalog.\nMicrosoft also informed customers (https://blogs.windows.com/windowsexperience/2018/03/13/march-2018-windows-security-update-expanding-our-efforts-to-protect-customers/#sqXx51Yt7wiBOwzm.97) on Tuesday that software patches for the Meltdown vulnerability are now available for x86 editions of Windows 7 and Windows 8.1.\nThe company has also decided to remove the antivirus compatibility checks in Windows 10. The decision to introduce these checks came after the tech giant noticed that some security products had created compatibility issues with the Meltdown patches. This resulted in users not receiving security updates unless their AV vendor made some changes.\nMicrosoft has determined that this is no longer an issue on Windows 10 so the checks have been removed. On other versions of the operating system, users will still not receive updates if their antivirus is incompatible.\nMicrosoft\u2019s Patch Tuesday updates for March 2018 (https://www.securityweek.com/microsoft-patches-over-dozen-critical-browser-flaws) fix over 70 flaws, including more than a dozen critical bugs affecting the company\u2019s Edge and Internet Explorer web browsers.\nRelated: Microsoft Disables Spectre Mitigations Due to Instability (https://www.securityweek.com/microsoft-disables-spectre-mitigations-due-instability)\nRelated: Microsoft, Intel Share Data on Performance Impact of CPU Flaw Patches (https://www.securityweek.com/microsoft-intel-share-data-performance-impact-cpu-flaw-patches)", "creation_timestamp": "2018-03-14T15:55:35.000000Z"}, {"uuid": "0b53043f-3328-45bb-8237-2d4cea07f801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/legened/2574", "content": "\u0623\u0647\u0645 2 \u0646\u0642\u0627\u0637 \u0636\u0639\u0641 \u0645\u0639\u0631\u0648\u0641\u0629 \u0648\u0627\u0644\u062a\u064a \u062a\u0634\u0643\u0644 \u062a\u0647\u062f\u064a\u062f\u0627 \u0644\u0648\u0636\u0639\u0643 \u0627\u0644\u0627\u0645\u0646\u064a \u062d\u062a\u064a \u0627\u0644\u0627\u0646 2021 ! \n\n\n1. CVE-2019-0708\n\n\u0627\u0644\u0627\u0646\u0638\u0645\u0629 \u0627\u0644\u0645\u062a\u0627\u062b\u0631\u0629 : \u0645\u0627\u064a\u0643\u0631\u0648\u0633\u0648\u0641\u062a \u0648 \u0648\u064a\u0646\u062f\u0648\u0632 \n\n\u0627\u0644\u0648\u0635\u0641 :\n\n\u062a\u0648\u062c\u062f \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u0639\u062f \u0641\u064a \u062e\u062f\u0645\u0627\u062a \u0633\u0637\u062d \u0627\u0644\u0645\u0643\u062a\u0628 \u0627\u0644\u0628\u0639\u064a\u062f \u0627\u0644\u0645\u0639\u0631\u0648\u0641\u0629 \u0633\u0627\u0628\u0642\u0627 \u0628\u0627\u0633\u0645 \u0627\u0644\u062e\u062f\u0645\u0627\u062a \u0627\u0644\u0637\u0631\u0641\u064a\u0629 \u0639\u0646\u062f\u0645\u0627 \u064a\u062a\u0635\u0644 \u0645\u0647\u0627\u062c\u0645 \u063a\u064a\u0631 \u0645\u0635\u0627\u062f\u0642 \u0628\u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u0645\u0633\u062a\u0647\u062f\u0641 \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 RDP \u0648\u064a\u0631\u0633\u0644 \u0637\u0644\u0628\u0627\u062a \u0645\u0635\u0645\u0645\u0629 \u062e\u0635\u064a\u0635\u0627 \u0648\u064a\u0639\u0631\u0641 \u0623\u064a\u0636\u0627 \u0628\u0627\u0633\u0645 \"\u062b\u063a\u0631\u0629 \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0646 \u0628\u0639\u062f \u0644\u062e\u062f\u0645\u0627\u062a \u0633\u0637\u062d \u0627\u0644\u0645\u0643\u062a\u0628 \u0627\u0644\u0628\u0639\u064a\u062f ! \n\n\u062a\u0627\u062b\u064a\u0631 \u0627\u0644\u062b\u063a\u0631\u0629 \u061b\n\n\u062a\u0623\u062b\u064a\u0631 \u064a\u0645\u0643\u0646 \u0644\u0627\u064a \u0634\u062e\u0635 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0645\u064a\u0632\u0629 \u0633\u0637\u062d \u0627\u0644\u0645\u0643\u062a\u0628 \u0627\u0644\u0628\u0639\u064a\u062f \u0645\u0646 Windows \u0644\u062a\u0633\u062c\u064a\u0644 \u0627\u0644\u062f\u062e\u0648\u0644 \u0627\u0644\u064a \u062c\u0647\u0627\u0632 \u0627\u0644\u0643\u0645\u0628\u064a\u0648\u062a\u0631 \u0627\u0644\u062e\u0627\u0635 \u0628\u0643 \u0648\u0627\u0644\u062a\u062d\u0643\u0645. \u0647\u0646\u0627\u0643 \u0627\u0641\u0634\u0627\u0621 \u0643\u0627\u0645\u0644 \u0644\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0645\u0645\u0627 \u0627\u062f\u0649 \u0627\u0644\u064a \u0627\u0644\u0643\u0634\u0641 \u0639\u0646 \u062c\u0645\u064a\u0639 \u0645\u0644\u0641\u0627\u062a \u0627\u0644\u0646\u0638\u0627\u0645 !\n\n2. CVE-2017-5715\n\n\u0627\u0644\u0627\u0646\u0638\u0645\u0629 \u0627\u0644\u0645\u062a\u0627\u062b\u0631\u0629 : ARM, Intel\u202f\n\n\u0648\u0635\u0641: \n\n\u0642\u062f \u062a\u0633\u0645\u062d \u0627\u0644\u0627\u0646\u0638\u0645\u0629 \u0630\u0627\u062a \u0627\u0644\u0645\u0639\u0627\u0644\u062c\u0627\u062a \u0627\u0644\u062f\u0642\u064a\u0642\u0629 \u0627\u0644\u062a\u064a \u062a\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u062e\u0645\u064a\u0646\u064a \u0648\u0627\u0644\u062a\u0646\u0628\u0648 \u0628\u0627\u0644\u0641\u0631\u0639 \u063a\u064a\u0631 \u0627\u0644\u0645\u0628\u0627\u0634\u0631 \u0628\u0627\u0644\u0643\u0634\u0641 \u063a\u064a\u0631 \u0627\u0644\u0645\u0635\u0631\u062d \u0628\u0647 \u0639\u0646 \u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0644\u0645\u0647\u0627\u062c\u0645 \u0645\u0639 \u0648\u0635\u0648\u0644 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0645\u062d\u0644\u064a \u0639\u0628\u0631 \u062a\u062d\u0644\u064a\u0644 \u0627\u0644\u0642\u0646\u0627\u0629 \u0627\u0644\u062c\u0627\u0646\u0628\u064a\u0629\u060c\n\n\u062a\u0627\u062b\u064a\u0631 \u0627\u0644\u062b\u063a\u0631\u0629 :\n\n\u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0645\u062d\u0644\u064a \u062a\u0634\u063a\u064a\u0644 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0645\u0639\u062f\u0629 \u062e\u0635\u064a\u0635\u0627 \u0644\u062c\u0639\u0644 \u0648\u062d\u062f\u0629 \u0627\u0644\u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u0645\u0631\u0643\u0632\u064a\u0629 \u062a\u0642\u0648\u0645 \u0639\u0644\u0649 \u0646\u062d\u0648 \u062a\u062e\u0645\u064a\u0646\u064a \u0628\u062a\u0646\u0641\u064a\u0630 \u0641\u0631\u0639 \u063a\u064a\u0631 \u0645\u0628\u0627\u0634\u0631 \u0644\u062a\u0633\u0631\u064a\u0628 \u0645\u062d\u062a\u0648\u064a\u0627\u062a \u0627\u0644\u0630\u0627\u0643\u0631\u0629 \u0645\u0646 \u0639\u0645\u0644\u064a\u0629 \u0627\u062e\u0631\u0649 \u0627\u0644\u064a \u0630\u0627\u0643\u0631\u0629 \u0627\u0644\u062a\u062e\u0632\u064a\u0646 \u0627\u0644\u0645\u0648\u0642\u062a \u0644\u0648\u062d\u062f\u0629 \u0627\u0644\u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u0645\u0631\u0643\u0632\u064a\u0629 \u062b\u0645 \u0642\u0631\u0627\u0621\u0629 \u0645\u062d\u062a\u0648\u064a\u0627\u062a \u0630\u0627\u0643\u0631\u0629 \u0627\u0644\u062a\u062e\u0632\u064a\u0646 \u0627\u0644\u0645\u0648\u0642\u062a [CVE-2017-5715]. \u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0645\u062d\u0644\u064a \u0639\u0631\u0636 \u0645\u062d\u062a\u0648\u064a\u0627\u062a \u0627\u0644\u0630\u0627\u0643\u0631\u0629 \u0627\u0644\u0638\u0627\u0647\u0631\u064a\u0629 \u0627\u0644\u062a\u0639\u0633\u0641\u064a\u0629 \u0639\u0644\u0649 \u062c\u0647\u0627\u0632 \u0648\u062d\u062f\u0629 \u0627\u0644\u0645\u0639\u0627\u0644\u062c\u0629 \u0627\u0644\u0645\u0631\u0643\u0632\u064a\u0629 \u0627\u0644\u0647\u062f\u0641 [\u0648\u0627\u0644\u0630\u064a \u064a\u0645\u0643\u0646 \u0627\u0646 \u064a\u0648\u062f\u064a \u0627\u0644\u064a \u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0645\u0631\u062a\u0641\u0639\u0629 \u0639\u0644\u0649 \u0627\u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u0647\u062f\u0641] !", "creation_timestamp": "2021-01-23T12:58:53.000000Z"}, {"uuid": "1036b405-d3aa-401f-9a89-812d45ff0d4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/cibsecurity/38796", "content": "\u203c CVE-2021-26401 \u203c\n\nLFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-11T20:14:52.000000Z"}, {"uuid": "2b1a056d-a703-4bd2-9e06-6bb49c9bbd39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "exploited", "source": "https://t.me/information_security_channel/15835", "content": "Intel Will Not Patch Spectre in Some CPUs\nhttp://feedproxy.google.com/~r/Securityweek/~3/_caUX5KtHj0/intel-will-not-patch-spectre-some-cpus\n\nIntel has informed customers that some of the processors affected by the Meltdown and Spectre vulnerabilities will not receive microcode updates due to issues related to implementation and other factors.\nTwo weeks after announcing that microcode updates have been made available for all recent processors (https://www.securityweek.com/intel-shares-details-new-cpus-spectre-meltdown-protections) vulnerable to speculative execution side-channel attacks, Intel updated its microcode revision guidance  (https://newsroom.intel.com/wp-content/uploads/sites/11/2018/04/microcode-update-guidance.pdf)to say that some chips will not receive patches.\nThe list includes Core, Xeon, Celeron, Pentium, and Atom processors with Bloomfield (Xeon), Clarksfield, Gulftown, Harpertown Xeon, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale (Xeon) and Yorkfield (Xeon) microarchitectures. These products have been assigned a \u201cstopped\u201d status, which indicates they will not receive updates due to one or more reasons.\nIntel says it has conducted a comprehensive investigation of the microarchitecture and microcode capabilities of these CPUs and determined that some of their characteristics prevent a practical implementation of mitigations for Spectre Variant 2 (CVE-2017-5715).\nOther possible reasons for not releasing fixes include limited commercially available system software support and low risk of attacks.\n\u201cBased on customer inputs, most of these products are implemented as \u2018closed systems\u2019 and therefore are expected to have a lower likelihood of exposure to these vulnerabilities,\u201d Intel explained.\nIntel revealed recently that its upcoming processors for data centers and PCs will include built-in protections (https://www.securityweek.com/intel-shares-details-new-cpus-spectre-meltdown-protections) against Meltdown (Variant 3) and Spectre (Variant 2) attacks. The chip giant expects to roll out these protections in the second half of 2018.\n\u201cWe have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both Variants 2 and 3,\u201d explained Intel CEO Brian Krzanich. \u201cThink of this partitioning as additional \u2018protective walls\u2019 between applications and user privilege levels to create an obstacle for bad actors.\u201d\nDozens of lawsuits (https://www.securityweek.com/over-30-lawsuits-filed-against-intel-cpu-flaws) have been filed against Intel by customers and shareholders over the disclosure and handling of Meltdown and Spectre.\nRelated: IBM Releases Spectre, Meltdown Patches for Power Systems (https://www.securityweek.com/ibm-releases-spectre-meltdown-patches-power-systems)\nRelated: New AMD Processors to Include Protections for Spectre-like Exploits (https://www.securityweek.com/new-amd-processors-include-protections-spectre-exploits)\nRelated: Microsoft, Intel Share Data on Performance Impact of CPU Flaw Patches (https://www.securityweek.com/microsoft-intel-share-data-performance-impact-cpu-flaw-patches)", "creation_timestamp": "2018-04-04T13:46:16.000000Z"}, {"uuid": "564c37c8-8170-4449-9825-85388bb84ee0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "exploited", "source": "https://t.me/information_security_channel/14437", "content": "In late January, Krzanich revealed that the company had started working on processors with\u00a0built-in protections (https://www.securityweek.com/intel-working-cpus-meltdown-spectre-protections) for attacks similar to Meltdown and Spectre. Additional details have now been provided and Intel even published a video (https://www.youtube.com/watch?v=pi2ftnlfImo) that explains on a high level how these side-channel attacks work and how it plans on preventing them.\nMeltdown attacks rely on a vulnerability identified as CVE-2017-5754, while Spectre attacks are possible due to CVE-2017-5753 (Variant 1) and CVE-2017-5715 (Variant 2). Meltdown and Variant 1 can be addressed with software patches, but Variant 2 also requires microcode updates.\nIntel\u2019s new CPUs, both for data centers and PCs, will be redesigned to protect against Meltdown and Spectre Variant 2.\n\u201cWe have redesigned parts of the processor to introduce new levels of protection through partitioning that will protect against both Variants 2 and 3. Think of this partitioning as additional \u2018protective walls\u2019 between applications and user privilege levels to create an obstacle for bad actors,\u201d Krzanich explained.\nThese protections are expected to become available in the second half of the year with the release of Intel Xeon Scalable (Cascade Lake) and 8th Generation Intel Core processors.\n\u201cAs we bring these new products to market, ensuring that they deliver the performance improvements people expect from us is critical. Our goal is to offer not only the best performance, but also the best secure performance,\u201d Krzanich said.\nRelated: IBM Releases Spectre, Meltdown Patches for Power Systems (https://www.securityweek.com/ibm-releases-spectre-meltdown-patches-power-systems)\nRelated: New AMD Processors to Include Protections for Spectre-like Exploits (https://www.securityweek.com/new-amd-processors-include-protections-spectre-exploits)\nRelated: Microsoft, Intel Share Data on Performance Impact of CPU Flaw Patches (https://www.securityweek.com/microsoft-intel-share-data-performance-impact-cpu-flaw-patches)", "creation_timestamp": "2018-03-15T21:51:29.000000Z"}, {"uuid": "46b73525-2c80-476f-b232-ed6e2cac4a36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/information_security_channel/14993", "content": "More Chrome OS Devices Receive Meltdown, Spectre Patches\nhttp://feedproxy.google.com/~r/Securityweek/~3/GblQCUJarZ4/more-chrome-os-devices-receive-meltdown-spectre-patches\n\nThe latest stable channel update for Google\u2019s Chrome OS operating system includes mitigations for devices with Intel processors affected by the Spectre and Meltdown vulnerabilities.\nMeltdown and Spectre attacks exploit design flaws in Intel, AMD, ARM and other processors. They allow malicious applications to bypass memory isolation mechanisms and gain access to sensitive data.\nMeltdown attacks are possible due to CVE-2017-5754, while Spectre attacks are possible due to CVE-2017-5753 (Variant 1) and CVE-2017-5715 (Variant 2). While Meltdown and Variant 1 can be addressed with software updates, Variant 2 also requires microcode updates from the manufacturers of the impacted processors. Software mitigations include kernel page-table isolation (KPTI/KAISER) and a technique developed by Google called Retpoline.\nMeltdown and Spectre were discovered independently by three teams of researchers. Google Project Zero researcher Jann Horn was one of the experts who found the flaws, which meant the company had enough time to work on patches before the details of the vulnerabilities were disclosed.\nIn the case of Chrome OS, Google rolled out the first Meltdown mitigations with the release (https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-chrome-os.html) of version 63 in mid-December, more than two weeks before public disclosure (https://www.securityweek.com/intel-amd-chip-vulnerabilities-put-billions-devices-risk).\nAt the time, Google rolled out the KPTI/KAISER patch to roughly 70 Intel-based Chromebook models from Acer, ASUS, Dell, HP, Lenovo, Samsung and others.\nGoogle released Chrome OS 65 (https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-chrome-os_19.html) on Monday and informed users that it includes the KPTI mitigation against Meltdown for additional Intel devices with version 3.14 of the kernel.\nA status page (https://www.chromium.org/chrome-os-devices-and-kernel-versions#TOC-Variant-1-CVE-2017-5753-) created by Google to help users track the availability of Meltdown and Spectre patches for Chrome OS shows that all older Chromebooks with Intel processors, including with kernel versions 3.14 and 3.8, should get the KPTI mitigation for Meltdown with the release of Chrome OS 66, which is currently scheduled for release on April 24.\nChrome OS 65 also brings the Retpoline mitigation for Spectre Variant 2 to all devices with Intel processors. Google noted that Variant 2 can be exploited using virtualization, and while Chrome OS devices don\u2019t use this type of feature, some measures have been taken to proactively protect users.\nIn the case of Spectre Variant 1, the eBPF feature in the Linux kernel can be abused for exploitation, but Chrome OS is not impacted as it disables eBPF, Google said.\nThe tech giant informs customers that Chrome OS devices with ARM processors are not affected by Meltdown. As for the Spectre vulnerabilities, Google says it has started integrating the firmware and kernel patches supplied by ARM, but release timelines have not been finalized.\nRelated: Intel Shares Details on New CPUs With Spectre, Meltdown Protections (https://www.securityweek.com/intel-shares-details-new-cpus-spectre-meltdown-protections)\nRelated: Microsoft Releases More Patches for Meltdown, Spectre (https://www.securityweek.com/microsoft-releases-more-patches-meltdown-spectre)", "creation_timestamp": "2018-03-22T16:08:23.000000Z"}, {"uuid": "d7cf8f69-ed49-42c1-948d-0ebd53293992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/SecLabNews/1339", "content": "\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Red Hat \u043e\u0442\u043e\u0437\u0432\u0430\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0441 \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434\u043e\u043c (microcode_ctl \u0438 linux-firmware), \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u043e\u0435 16 \u044f\u043d\u0432\u0430\u0440\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u0442\u043e\u0440\u043e\u0433\u043e \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Spectre (CVE-2017-5715). \u0420\u0435\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u043d\u044f\u0442\u043e \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430\u043c\u0438 \u0441\u043e \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e, \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0433\u043e \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0438 \u0436\u0430\u043b\u043e\u0431 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043d\u0430 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\nRed Hat \u043e\u0442\u043e\u0437\u0432\u0430\u043b\u0430 \u043f\u0430\u0442\u0447\u0438 \u0434\u043b\u044f Spectre \u0438\u0437-\u0437\u0430 \u0441\u0431\u043e\u0435\u0432", "creation_timestamp": "2018-01-21T12:54:33.000000Z"}, {"uuid": "e0785276-d04c-49cc-8f6c-d9d28fe6ffc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "published-proof-of-concept", "source": "https://t.me/xakep_ru/3329", "content": "\u0421\u0432\u043e\u0434\u043d\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0438\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0438\u0445 \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u043e\u0432 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0430 \u043a\u043e\u043d\u0446\u0435\u043f\u0442 \u043d\u043e\u0432\u043e\u0439 side-channel \u0430\u0442\u0430\u043a\u0438 BranchScope, \u043e\u0447\u0435\u043d\u044c \u043f\u043e\u0445\u043e\u0436\u0435\u0439 \u043d\u0430 Spectre \u0432\u0430\u0440\u0438\u0430\u043d\u0442 2 (CVE-2017-5715).\n\nhttps://xakep.ru/2018/03/28/branchscope/", "creation_timestamp": "2018-03-28T22:40:16.000000Z"}, {"uuid": "aee8d8e1-add4-4b67-a303-b1a194bf2817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/SecLabNews/2083", "content": "\u041d\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u043e\u0441\u044c \u0441 \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u0440\u0430\u0437\u0430 \u2013 \u043f\u043e\u043f\u044b\u0442\u0430\u0439\u0441\u044f \u0441\u043d\u043e\u0432\u0430. \u041f\u043e\u0445\u043e\u0436\u0435, \u0438\u043c\u0435\u043d\u043d\u043e \u0442\u0430\u043a\u043e\u0439 \u0442\u0430\u043a\u0442\u0438\u043a\u0438 \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f Microsoft \u0432 \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f Spectre 2 (CVE-2017-5715). \u041d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f Windows, \u043f\u0440\u0438\u0437\u0432\u0430\u043d\u043d\u044b\u0445 \u043e\u043a\u043e\u043d\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u043f\u0435\u0447\u0430\u043b\u044c\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c.\n https://www.securitylab.ru/news/492966.php", "creation_timestamp": "2018-04-27T08:57:22.000000Z"}, {"uuid": "17351326-6e80-4aca-8d9e-606e33ac6536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/xakep_ru/3388", "content": "\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f AMD \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434\u044b, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435 \u00ab\u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043d\u0443\u044e\u00bb \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Spectre \u0432\u0430\u0440\u0438\u0430\u043d\u0442 2 (CVE-2017-5715). \u041f\u0430\u0442\u0447\u0438 \u0432\u044b\u0448\u043b\u0438 \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e 2011 \u0433\u043e\u0434\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430.\n\nhttps://xakep.ru/2018/04/11/amd-vs-spectre/", "creation_timestamp": "2018-04-11T21:50:55.000000Z"}, {"uuid": "c447a35d-ffad-440f-93e4-8fc289b9b3e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "exploited", "source": "https://t.me/SecLabNews/1963", "content": "AMD \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b\u0445 \u0432\u0442\u043e\u0440\u043e\u043c\u0443 \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Spectre (CVE-2017-5715). \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043d\u0430\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c \u041f\u041a \u0438 \u043c\u0430\u0442\u0435\u0440\u0438\u043d\u0441\u043a\u0438\u0445 \u043f\u043b\u0430\u0442 \u0434\u043b\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0432 BIOS. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0434\u043e 2011 \u0433\u043e\u0434\u0430, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u043f\u0435\u0440\u0432\u044b\u0445 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u0440\u043e\u0432 \u043b\u0438\u043d\u0438\u0438 Bulldozer.    \nAMD \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435 Spectre v2 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u0438\u043a\u0440\u043e\u043a\u043e\u0434\u0430", "creation_timestamp": "2018-04-12T10:20:36.000000Z"}, {"uuid": "8a4c3d7f-4aed-42f1-af64-a1a00d19a90a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/SecLabNews/4915", "content": "\u0414\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Windows 10 (\u0432\u0435\u0440\u0441\u0438\u0438 1809), \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0432\u0448\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Spectre Variant 2 (CVE-2017-5715), \u0432 \u0446\u0435\u043b\u044f\u0445 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Microsoft \u0441\u0434\u0435\u043b\u0430\u043b\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044e Retpoline Spectre \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u0439 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.    \n\u0412 Windows 10 \u0444\u0443\u043d\u043a\u0446\u0438\u044f Retpoline Spectre \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e", "creation_timestamp": "2019-05-16T09:34:04.000000Z"}, {"uuid": "1b73fd5b-ffb0-4de7-8bb9-22ba2186c7fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "Telegram/GKkFCGvRxGEqKEAseTUTD4-zBmawces1yI9Z6wyS5cbRWuQ", "content": "", "creation_timestamp": "2021-01-22T17:58:15.000000Z"}, {"uuid": "a9baff82-1b19-4d52-8c8d-549dcb497c6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/VulnerabilityNews/27108", "content": "LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.\nPublished at: March 11, 2022 at 07:15PM\nView on website", "creation_timestamp": "2022-03-11T20:42:24.000000Z"}, {"uuid": "d85a734a-13de-49f1-8178-5894d231fb18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-5715", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8", "content": "#Research\n#Threat_Research\nReading privileged memory with a side-channel:\n- bounds check bypass (CVE-2017-5753);\n- branch target injection (CVE-2017-5715);\n- rogue data cache load (CVE-2017-5754);\nhttps://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html", "creation_timestamp": "2024-07-19T14:04:22.000000Z"}]}