In response to reports regarding Forcepoint findings that WebAssembly (or WA or Wasm) changes may make Meltdown & Spectre browser patches ineffective, Virsec offers perspective.
Satya Gupta, CTO and Co-founder at Virsec:
“This latest issue demonstrates that the fundamental chip flaws that have allowed Meltdown & Spectre cannot be fully patched externally – at the browser level. In this case, WebAssembly programming tools can leverage the performance gains – and security vulnerabilities – of chip-level speculative execution, even if the browser has been patched to prevent it. Ultimately, Meltdown & Spectre can only be solved at the process memory level.”
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
