New BlindSide attack uses speculative execution to bypass ASLR

Academics have developed a new technique for attacking secure computer systems by abusing speculative execution, a CPU mechanism that’s normally used for performance optimizations. The technique, named BlindSide, was detailed in a paper [PDF] published last week by a team of academics from the Stevens Institute of Technology in New Jersey, ETH Zurich, and the Vrije University in Amsterdam.

Read full article on ZDNet