01-15-2018, 06:10 PM
(01-11-2018, 04:45 PM)reactor Wrote: This only would stop a Javascript based attack.
https://repl.it/repls/DeliriousGreenOxpecker
If you can read the letter "The Magic Words are Squeamish Ossifrage." it means that theorically any website can steal your complete browser session with a few javascript. You log into your bank account, then you visit a rogue website = your credentials are stolen.
The other bug, Spectre, involves two known attack strategies so far, and is far more difficult to patch. (And in fact, it may be impossible to defend against it entirely in the long term without updating hardware.)
https://www.wired.com/story/meltdown-and...ility-fix/
Ok, first of all, that script running will just check if the LOCAL system is vulnerable. That means the server that is running the script is vulnerable.
If you want to check your PC, then download the code, compile it and run it on your system.
Second, we actually need a new update ASAP. https://xlab.tencent.com/special/spectre...check.html Confirms that Cent is vulnerable.