Tweet
Does dBpoweramp use Javascript from a remote website/server when
* Downloading metadata?
* Searching the Internet for additional album art?
The issue is would running such Javascript allow for a Spectre Variant 2 (CVE-2017-5715) attack? This attack requires processors to have an update microcode to prevent, which is not available for all machines. If dBpoweramp does not execute Javascript (or other code) from a remote source, then I don't think the attack can happen.
* Downloading metadata?
* Searching the Internet for additional album art?
The issue is would running such Javascript allow for a Spectre Variant 2 (CVE-2017-5715) attack? This attack requires processors to have an update microcode to prevent, which is not available for all machines. If dBpoweramp does not execute Javascript (or other code) from a remote source, then I don't think the attack can happen.
Comment