Google experts published PoC exploit for Specter that is targeting browsers

Google engineers published a PoC exploit to demonstrate the effectiveness of using the Specter vulnerability in browsers to access information in memory.

This PoC exploit is reported to work with a wide range of architectures, operating systems, and hardware generations. It proves in practice that the protective mechanisms that developers have added to their browsers (for example, site isolation, Cross-Origin, Cross-Origin Read Blocking, and so on) do not actually work.

As a reminder, the original Specter issue (CVE-2017-5753) was discovered in 2018 along with the Meltdown bug. These fundamental flaws in the architecture of modern processors make it easy to break the isolation of the address space, read passwords, encryption keys, bank card numbers, arbitrary data of system and other user applications bypassing any security measures and on any OS.

Today we are sharing proof-of-concept code that validates the effectiveness of using Specter vulnerabilities against JavaScript engines. We use Google Chrome to demonstrate our attack, but these problems are not specific to Chrome, and we believe that other modern browsers are also vulnerable to this vector of exploitation.Google experts write.

The experts created a special interactive demo of the attack on the leaky.page website, and also posted a detailed description of their work on GitHub.

Below you can see a video showing a successful Google exploit attack on an Intel i7-6500U-based machine running Ubuntu with Chrome 88 on board.

Google believes that developers should use new security mechanisms to protect against Specter and other cross-site attacks. In addition to standard protections such as X-Content-Type-Options and X-Frame-Options, Google recommends using:

In addition, Google engineers have created an extension for Chrome called Spectroscope, which should help information security professionals and developers to protect their sites from Specter. The extension scans web applications looking for resources where additional protections might be enabled.

Note that earlier this month, French cyber security specialist Julien Voisin discovered on VirusTotal “combat” exploits for the Specter vulnerability targeting Windows and Linux.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.

Leave a comment

Your email address will not be published. Required fields are marked *