NT OS Kernel Information Disclosure Vulnerability
78
20
4 hours ago
by voidsec
KASLR is broken anyway, at least on x86, even with KPTI (a Linux feature to mitigate Meltdown) enabled. See https://www.willsroot.io/2022/12/entrybleed.html, which still runs fine (with some modifications depending on the microarchitecture) on the latest AMD and Intel hardware that we've checked.
53 minutes ago
by anematode
It’s interesting that the KB that patches this on Windows 11 (KB5063878) is the same one that was tied up in all the Phison SSD drama.
1 hour ago
by mkolassa
I went to check when the bug had been patched, and was left wanting. I however lack the expertise to really appreciate how much danger exists in practice, or for whom. I just know I do have Win11 24H2 and "This leak primitive is particularly useful for Windows versions 24H2 or later"
3 hours ago
by Jare
Random: Perhaps that full source code leak in 2004 actually helped harden the kernel, long term?
https://betanews.com/2004/02/13/windows-source-leak-traces-b...
2 hours ago
by lysace
I find myself thinking "wow, what an obvious bug. How did Microsoft not catch that?" but then I think back to some of my own extremely obvious bugs. Thankfully my code is much lower impact.
3 hours ago
by KyleBerezin