As per the researchers thisvulnerability can be exploited remotely by using JavaScript.
The team claims this to be thefirst remote software-induced hardware fault attack.
The next bad news is that hackers canexploit this flaw through any webpage.
Websites usually have the JavaScript codes which aids in easy navigation of the site.
Next, hackersamalgamate the animations or imageswith theirmalwareand just wait patiently for the user to click this file.
Once user clicks the malicious animation or image, the crooks get an easy access to their computer.
JavaScript is strictly sandboxed and the language provides no possibility to retrieve virtual or physical addresses.
However, the usage of large pages allows determining parts of the physical address.
Another bad news is thatthere is no patch,as of now, to fix this issue!
Hopefully, Intel is working to get some solution to this issue soon.
For now, Apple and other hardware manufacturers havereleased BIOS updatesto reduce theRowhammerattacks.
source: www.techworm.net
