Results for Spectre

Threat Research

Third Time Is a Charm: Patch Redux

In a previous blog post, the FortiGuard Labs team analyzed the implementation of Spectre and detailed the technical implementation of Kernel Virtual Address Shadow (KVAS), which is a key feature used to block the Meltdown attack. We decided to perform a deep dive analysis of the new patch (particularly the patch for x86) and share the results in this blog post.

By Minh Tran April 06, 2018

Threat Research

Troopers - Day 1

I am currently at Troopers, a well-known German hacking conference in Heidelberg. I had heard many positive reports on about this conference, especially their awesome hardware badge, and am glad I finally got to speak there. My talk was on hacking a smart toothbrush, and why it's important to secure any connected device, even those - like toothbrushes - that seem harmless. If you missed my talk, my slides will soon be online:, check the Fortiguard Research Centre. Now, let's focus on some of today's talks.

By Axelle Apvrille March 14, 2018

Threat Research

Meltdown/Spectre Update

In addition to establishing an aggressive and proactive patch-and-replace protocol, it is essential that organizations have layers of security in place designed to detect malicious activity and malware, and to protect vulnerable systems.

By FortiGuard SE Team January 30, 2018

Threat Research

A Deep Dive Analysis of Microsoft’s Kernel Virtual Address Shadow Feature

One of the key features of Microsoft‘s patches is the “Kernel Virtual Address Shadow” (a term coined by Microsoft), or KVAS for short. This feature effectively blocks the Meltdown attack, as it leaves very little kernel memory accessible to user mode code. In this blog post we provide a deep dive analysis of this feature.

By Minh Tran January 25, 2018

Into the Implementation of Spectre

In this blog post, we will get into the details of the implementation of Spectre, the exploit that targets the vulnerbilities found in CPUs built by AMD, ARM, and Intel. We assume you are familiar with the concept of the attack, and you can inspect the Proof of Concept source code provided in the Appendix of the paper linked above. You might also find it easier to read this blog post with the source code side by side.

By Axelle Apvrille January 17, 2018

Dr. StrangePatch or: How I Learned to Stop Worrying (about Meltdown and Spectre) and Love Security Advisory ADV180002

  Introduction 2018 truly is starting off with a bang: fundamental CPU flaws dubbed Meltdown and Spectre were found affecting pretty much all modern processors developed since the Pentium Pro (1995). These flaws root in two critical CPU features: Out of Order Execution and Speculative Execution, which are crucial for performance. Since this is an important feature and not a bug, it is inherently hard to fix. Furthermore, for performance reasons, speculative execution is almost always implemented in hardware, so “fixes”...

By Minh Tran January 12, 2018

Business and Technology

Fortinet Advisory on New Spectre and Meltdown Vulnerabilities

Earlier this week, it was announced that researchers uncovered two new side channel attacks that exploit newly discovered vulnerabilities found in most CPU processors, including those from Intel, AMD, and ARM. These vulnerabilities allow malicious userspace processes to read kernel memory, thereby potentially causing sensitive kernel information to leak. These vulnerabilities are known as Meltdown and Spectre.

By Fortinet January 04, 2018