Navigation section
kb4056890
About this tag
KB4056890 is a Microsoft security update that addresses speculative execution side-channel attacks, including the vulnerabilities disclosed by Google Project Zero. This update provides mitigations for Microsoft Edge and Internet Explorer 11, preventing attackers from using JavaScript to access memory in the browser process. The tag covers discussions about the update's role in protecting against these hardware-level vulnerabilities, its impact on browser behavior, and its inclusion in Microsoft's broader response to side-channel attacks like Spectre and Meltdown. Users seeking information on this specific KB will find threads detailing the update's purpose, installation, and security implications for Windows systems.
-
Mitigating speculative execution side-channel attacks in Microsoft Edge and Internet Explorer
Today, Google Project Zero published details of a class of vulnerabilities which can be exploited by speculative execution side-channel attacks. These techniques can be used via JavaScript code running in the browser, which may allow attackers to gain access to memory in the attacker’s process...- News
- Thread
- attack prevention browser security cpu cache fall creators internet explorer javascript john hazen kb4056890 memory access microsoft edge mitigation performance project zero security updates sharedarraybuffer side-channel speculative execution update vulnerability windows 10
- Replies: 0
- Forum: Live RSS Feeds