• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

CrossTalk is Another Intel-exclusive Security Vulnerability

AleksandarK

News Editor
Staff member
Joined
Aug 19, 2017
Messages
2,654 (0.99/day)
Intel has had quite a lot of work trying to patch all vulnerabilities discovered in the past two years. Starting from Spectre and Meltdown which exploited speculative execution of the processor to execute malicious code. The entire process of speculative execution relies on the microarchitectural technique for adding more performance called speculative branch prediction. This technique predicts branch paths and prepared them for execution, so the processor spends less time figuring out where and how will instructions flow through the CPU. So far, lots of these bugs have been ironed out with software, but a lot of older CPUs are vulnerable.

However, an attacker has always thought about doing malicious code execution on a CPU core shared with the victim, and never on multiple cores. This is where the new CrossTalk vulnerability comes in. Dubbed Special Register Buffer Data Sampling (SRBDS) by Intel, it is labeled as CVE-2020-0543 in the vulnerability identifier system. The CrossTalk is bypassing all intra-core patches against Spectre and Meltdown so it can attack any CPU core on the processor. It enables attacker-controlled code execution on one CPU core to leak sensitive data from victim software executing on a different core. This technique is quite dangerous for users of shared systems like in the cloud. Often, one instance is shared across multiple customers and until now they were safe from each other. The vulnerability uses Intel's SGX security enclave against the processor so it can be executed. To read about CrossTalk in detail, please visit the page here.


View at TechPowerUp Main Site
 
Joined
Mar 18, 2008
Messages
5,444 (0.89/day)
Location
Australia
System Name Night Rider | Mini LAN PC | Workhorse
Processor AMD R7 5800X3D | Ryzen 1600X | i7 970
Motherboard MSi AM4 Pro Carbon | GA- | Gigabyte EX58-UD5
Cooling Noctua U9S Twin Fan| Stock Cooler, Copper Core)| Big shairkan B
Memory 2x8GB DDR4 G.Skill Ripjaws 3600MHz| 2x8GB Corsair 3000 | 6x2GB DDR3 1300 Corsair
Video Card(s) MSI AMD 6750XT | 6500XT | MSI RX 580 8GB
Storage 1TB WD Black NVME / 250GB SSD /2TB WD Black | 500GB SSD WD, 2x1TB, 1x750 | WD 500 SSD/Seagate 320
Display(s) LG 27" 1440P| Samsung 20" S20C300L/DELL 15" | 22" DELL/19"DELL
Case LIAN LI PC-18 | Mini ATX Case (custom) | Atrix C4 9001
Audio Device(s) Onboard | Onbaord | Onboard
Power Supply Silverstone 850 | Silverstone Mini 450W | Corsair CX-750
Mouse Coolermaster Pro | Rapoo V900 | Gigabyte 6850X
Keyboard MAX Keyboard Nighthawk X8 | Creative Fatal1ty eluminx | Some POS Logitech
Software Windows 10 Pro 64 | Windows 10 Pro 64 | Windows 7 Pro 64/Windows 10 Home
tenor.gif
 
Joined
Oct 22, 2014
Messages
14,170 (3.81/day)
Location
Sunshine Coast
System Name H7 Flow 2024
Processor AMD 5800X3D
Motherboard Asus X570 Tough Gaming
Cooling Custom liquid
Memory 32 GB DDR4
Video Card(s) Intel ARC A750
Storage Crucial P5 Plus 2TB.
Display(s) AOC 24" Freesync 1m.s. 75Hz
Mouse Lenovo
Keyboard Eweadn Mechanical
Software W11 Pro 64 bit
"The vulnerability uses Intel's SGX security enclave against the processor so it can be executed"

Hasn't Intel stopped using SGX?
 
Joined
Aug 29, 2005
Messages
7,303 (1.04/day)
Location
Stuck somewhere in the 80's Jpop era....
System Name Lynni PS \ Lenowo TwinkPad L14 G2
Processor AMD Ryzen 7 7700 Raphael (Waiting on 9800X3D) \ i5-1135G7 Tiger Lake-U
Motherboard ASRock B650M PG Riptide Bios v. 3.10 AMD AGESA 1.2.0.2a \ Lenowo BDPLANAR Bios 1.68
Cooling Noctua NH-D15 Chromax.Black (Only middle fan) \ Lenowo C-267C-2
Memory G.Skill Flare X5 2x16GB DDR5 6000MHZ CL36-36-36-96 AMD EXPO \ Willk Elektronik 2x16GB 2666MHZ CL17
Video Card(s) Asus GeForce RTX™ 4070 Dual OC (Waiting on RX 8800 XT) | Intel® Iris® Xe Graphics
Storage Gigabyte M30 1TB|Sabrent Rocket 2TB| HDD: 10TB|1TB \ WD RED SN700 1TB
Display(s) KTC M27T20S 1440p@165Hz | LG 48CX OLED 4K HDR | Innolux 14" 1080p
Case Asus Prime AP201 White Mesh | Lenowo L14 G2 chassis
Audio Device(s) Steelseries Arctis Pro Wireless
Power Supply Be Quiet! Pure Power 12 M 750W Goldie | 65W
Mouse Logitech G305 Lightspeedy Wireless | Lenowo TouchPad & Logitech G305
Keyboard Ducky One 3 Daybreak Fullsize | L14 G2 UK Lumi
Software Win11 IoT Enterprise 24H2 UK | Win11 IoT Enterprise LTSC 24H2 UK / Arch (Fan)
Benchmark Scores 3DMARK: https://www.3dmark.com/3dm/89434432? GPU-Z: https://www.techpowerup.com/gpuz/details/v3zbr
"The vulnerability uses Intel's SGX security enclave against the processor so it can be executed"

Hasn't Intel stopped using SGX?

That's a negative, SGX is used for 4K/UHD blu-ray playback on computers which is also why this ain't working on AMD CPU/Graphics and Nvidia graphics.
 
Joined
Aug 29, 2005
Messages
7,303 (1.04/day)
Location
Stuck somewhere in the 80's Jpop era....
System Name Lynni PS \ Lenowo TwinkPad L14 G2
Processor AMD Ryzen 7 7700 Raphael (Waiting on 9800X3D) \ i5-1135G7 Tiger Lake-U
Motherboard ASRock B650M PG Riptide Bios v. 3.10 AMD AGESA 1.2.0.2a \ Lenowo BDPLANAR Bios 1.68
Cooling Noctua NH-D15 Chromax.Black (Only middle fan) \ Lenowo C-267C-2
Memory G.Skill Flare X5 2x16GB DDR5 6000MHZ CL36-36-36-96 AMD EXPO \ Willk Elektronik 2x16GB 2666MHZ CL17
Video Card(s) Asus GeForce RTX™ 4070 Dual OC (Waiting on RX 8800 XT) | Intel® Iris® Xe Graphics
Storage Gigabyte M30 1TB|Sabrent Rocket 2TB| HDD: 10TB|1TB \ WD RED SN700 1TB
Display(s) KTC M27T20S 1440p@165Hz | LG 48CX OLED 4K HDR | Innolux 14" 1080p
Case Asus Prime AP201 White Mesh | Lenowo L14 G2 chassis
Audio Device(s) Steelseries Arctis Pro Wireless
Power Supply Be Quiet! Pure Power 12 M 750W Goldie | 65W
Mouse Logitech G305 Lightspeedy Wireless | Lenowo TouchPad & Logitech G305
Keyboard Ducky One 3 Daybreak Fullsize | L14 G2 UK Lumi
Software Win11 IoT Enterprise 24H2 UK | Win11 IoT Enterprise LTSC 24H2 UK / Arch (Fan)
Benchmark Scores 3DMARK: https://www.3dmark.com/3dm/89434432? GPU-Z: https://www.techpowerup.com/gpuz/details/v3zbr
SGX is a hardware feature. They plan to stop using it with Tiger Lake iirc.

They properly won't if there isn't a replacement for 4K/UHD blu-ray it's depending on SGX for the encrypted playback from what I know.

I dropped it a couple of years back because it wasn't worth it because you could only play with on Intel CPU's that supported SGX and with Intel Onboard Graphics you couldn't even have a AMD or Nvidia card in the machine and the test and playback with fail.
 
Joined
Jun 29, 2018
Messages
542 (0.23/day)
There are two new vulnerabilities: CROSSTalk and SGAxe with only the latter using SGX.

CROSSTalk will be patched by microcode updates from Haswell to Comet Lake as denoted at Intel's site. Earlier models are vulnerable but WILL NOT be patched.

The worst case scenario is the RdRand instruction that gets its performance reduced by 97% as tested by Phoronix. Normal usage should not be affected apart from some cryptographic loads.

I'm a bit disappointed at the reporting quality for this issue on TPU...
 
Joined
Sep 17, 2014
Messages
22,673 (6.05/day)
Location
The Washing Machine
System Name Tiny the White Yeti
Processor 7800X3D
Motherboard MSI MAG Mortar b650m wifi
Cooling CPU: Thermalright Peerless Assassin / Case: Phanteks T30-120 x3
Memory 32GB Corsair Vengeance 30CL6000
Video Card(s) ASRock RX7900XT Phantom Gaming
Storage Lexar NM790 4TB + Samsung 850 EVO 1TB + Samsung 980 1TB + Crucial BX100 250GB
Display(s) Gigabyte G34QWC (3440x1440)
Case Lian Li A3 mATX White
Audio Device(s) Harman Kardon AVR137 + 2.1
Power Supply EVGA Supernova G2 750W
Mouse Steelseries Aerox 5
Keyboard Lenovo Thinkpad Trackpoint II
VR HMD HD 420 - Green Edition ;)
Software W11 IoT Enterprise LTSC
Benchmark Scores Over 9000
It starts to feel as if Intel is plugging one hole only to discover a few new ones.
 
Joined
Feb 23, 2016
Messages
135 (0.04/day)
System Name Computer!
Processor i7-6700K
Motherboard AsRock Z170 Extreme 7+
Cooling EKWB on CPU & GPU, 240 slim and 360 Monsta, Aquacomputer Aquabus D5, Aquaaero 6 Pro.
Memory 32Gb Kingston Hyper-X 3Ghz
Video Card(s) Asus 980 Ti Strix
Storage 2 x 950 Pro
Display(s) Old Acer thing
Case NZXT 440 Modded
Audio Device(s) onboard
Power Supply Seasonic PII 600W Platinum
Mouse Razer Deathadder Chroma
Keyboard Logitech G15
Software Win 10 Pro
@Melvis - Thanks, loudest LOL I've had today :D
 
Joined
Dec 10, 2015
Messages
545 (0.17/day)
Location
Here
System Name Skypas
Processor Intel Core i7-6700
Motherboard Asus H170 Pro Gaming
Cooling Cooler Master Hyper 212X Turbo
Memory Corsair Vengeance LPX 16GB
Video Card(s) MSI GTX 1060 Gaming X 6GB
Storage Corsair Neutron GTX 120GB + WD Blue 1TB
Display(s) LG 22EA63V
Case Corsair Carbide 400Q
Power Supply Seasonic SS-460FL2 w/ Deepcool XFan 120
Mouse Logitech B100
Keyboard Corsair Vengeance K70
Software Windows 10 Pro (to be replaced by 2025)
"...Intel-exclusive...", that line got me :roll:

"Intel-only" is another option for news post like this albeit less attractive
 
Joined
Sep 28, 2012
Messages
982 (0.22/day)
System Name Poor Man's PC
Processor Ryzen 7 9800X3D
Motherboard MSI B650M Mortar WiFi
Cooling Thermalright Phantom Spirit 120 with Arctic P12 Max fan
Memory 32GB GSkill Flare X5 DDR5 6000Mhz
Video Card(s) XFX Merc 310 Radeon RX 7900 XT
Storage XPG Gammix S70 Blade 2TB + 8 TB WD Ultrastar DC HC320
Display(s) Xiaomi G Pro 27i MiniLED
Case Asus A21 Case
Audio Device(s) MPow Air Wireless + Mi Soundbar
Power Supply Enermax Revolution DF 650W Gold
Mouse Logitech MX Anywhere 3
Keyboard Logitech Pro X + Kailh box heavy pale blue switch + Durock stabilizers
VR HMD Meta Quest 2
Benchmark Scores Who need bench when everything already fast?
Intel-exclusive Security Vulnerability

Man, that harsh :laugh:
 
Joined
Mar 10, 2010
Messages
11,878 (2.20/day)
Location
Manchester uk
System Name RyzenGtEvo/ Asus strix scar II
Processor Amd R5 5900X/ Intel 8750H
Motherboard Crosshair hero8 impact/Asus
Cooling 360EK extreme rad+ 360$EK slim all push, cpu ek suprim Gpu full cover all EK
Memory Corsair Vengeance Rgb pro 3600cas14 16Gb in four sticks./16Gb/16GB
Video Card(s) Powercolour RX7900XT Reference/Rtx 2060
Storage Silicon power 2TB nvme/8Tb external/1Tb samsung Evo nvme 2Tb sata ssd/1Tb nvme
Display(s) Samsung UAE28"850R 4k freesync.dell shiter
Case Lianli 011 dynamic/strix scar2
Audio Device(s) Xfi creative 7.1 on board ,Yamaha dts av setup, corsair void pro headset
Power Supply corsair 1200Hxi/Asus stock
Mouse Roccat Kova/ Logitech G wireless
Keyboard Roccat Aimo 120
VR HMD Oculus rift
Software Win 10 Pro
Benchmark Scores 8726 vega 3dmark timespy/ laptop Timespy 6506
Where is the usual required access comments.

Do you need physical access, admin rights or the stupidest owner, is it remote execute possible etc.

All drama and little substance.

Do I smash my kaby lake CPU up or not? I dunno.
 
Joined
Jul 13, 2016
Messages
3,329 (1.08/day)
Processor Ryzen 7800X3D
Motherboard ASRock X670E Taichi
Cooling Noctua NH-D15 Chromax
Memory 32GB DDR5 6000 CL30
Video Card(s) MSI RTX 4090 Trio
Storage Too much
Display(s) Acer Predator XB3 27" 240 Hz
Case Thermaltake Core X9
Audio Device(s) Topping DX5, DCA Aeon II
Power Supply Seasonic Prime Titanium 850w
Mouse G305
Keyboard Wooting HE60
VR HMD Valve Index
Software Win 10
it's not funny anymore

It is because it's not in the slightest influencing people's decisions to purchase Intel products. No one cares about security until it's already too late.
 
Joined
Jul 25, 2006
Messages
13,330 (1.98/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
"...Intel-exclusive...", that line got me
Yeah. This one too: "an attacker has always thought about doing malicious code execution on a CPU core shared with the victim, and never on multiple cores."

I find it interesting how one knows how an attacker has always thought. :rolleyes:

And then of course, there's the big one where the title that claims CrossTalk is a security "vulnerability". No its not! :(

CrossTalk is a profiler tool developed by the security firm, VUSec (the "good guys"). See here (same link provided by author!) and note the following,
we built CrossTalk, a profiler to inspect the behavior of complex (“microcoded”) x86 instructions beyond the CPU core boundaries.
It is because it's not in the slightest influencing people's decisions to purchase Intel products. No one cares about security until it's already too late.
Well, that's not true, on both parts.

Part 1 - There are many who blindly believe those attention seeking rumor mongers in the IT media who try to convince everyone that if they own an Intel processor, all the bad guys have immediate access to all their data. So they have been influenced to never ever buy Intel.

Part 2 - While admittedly, there are some who neglect things until it is too late (like keeping regular backups of their data, using strong and unique passwords, wearing masks in crowds :twitch: etc.), there are also many who do their homework to learn the facts before panicking about something that does NOT affect them. See theoneandonlymrk's post above and note, AFAIK, there has not been one report of a Meltdown/Spectre compromise in the wild despite all the sky is falling warnings the world is about to end for all Intel users.
 
Joined
Jul 13, 2016
Messages
3,329 (1.08/day)
Processor Ryzen 7800X3D
Motherboard ASRock X670E Taichi
Cooling Noctua NH-D15 Chromax
Memory 32GB DDR5 6000 CL30
Video Card(s) MSI RTX 4090 Trio
Storage Too much
Display(s) Acer Predator XB3 27" 240 Hz
Case Thermaltake Core X9
Audio Device(s) Topping DX5, DCA Aeon II
Power Supply Seasonic Prime Titanium 850w
Mouse G305
Keyboard Wooting HE60
VR HMD Valve Index
Software Win 10
CrossTalk is a profiler tool developed by the security firm, VUSec (the "good guys"). See here (same link provided by author!) and note the following,
Well, that's not true, on both parts.

Part 1 - There are many who blindly believe those attention seeking rumor mongers in the IT media who try to convince everyone that if they own an Intel processor, all the bad guys have immediate access to all their data. So they have been influenced to never ever buy Intel.

Part 2 - While admittedly, there are some who neglect things until it is too late (like keeping regular backups of their data, using strong and unique passwords, wearing masks in crowds :twitch: etc.), there are also many who do their homework to learn the facts before panicking about something that does NOT affect them. See theoneandonlymrk's post above and note, AFAIK, there has not been one report of a Meltdown/Spectre compromise in the wild despite all the sky is falling warnings the world is about to end for all Intel users.

Sounds to me like you are basing your security recommendations off opinion.

Anyone with two hands can google a list of Intel vulnerabilities and see there are multiple remote access ones:

 
Joined
Jul 25, 2006
Messages
13,330 (1.98/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
Sounds to me like you are basing your security recommendations off opinion.
LOL And what is the following?
evernessince said:
It is because it's not in the slightest influencing people's decisions to purchase Intel products. No one cares about security until it's already too late.
Where did you Google that?

And while you learn to Google, you might want to learn what the difference is between a "vulnerability", and malware that has been developed and released out into the wild that can successfully bypass all other security measures (Windows itself, the router, the firewall, the anti-malware program, the deadbolts on my door, my Rottweiler, and my Glock 17) to gain access to that vulnerability, and "IS" infecting and exploiting that vulnerability.

Just because there is a vulnerability, that does not mean it can, or has been exploited.
 
Joined
Nov 21, 2010
Messages
2,355 (0.46/day)
Location
Right where I want to be
System Name Miami
Processor Ryzen 3800X
Motherboard Asus Crosshair VII Formula
Cooling Ek Velocity/ 2x 280mm Radiators/ Alphacool fullcover
Memory F4-3600C16Q-32GTZNC
Video Card(s) XFX 6900 XT Speedster 0
Storage 1TB WD M.2 SSD/ 2TB WD SN750/ 4TB WD Black HDD
Display(s) DELL AW3420DW / HP ZR24w
Case Lian Li O11 Dynamic XL
Audio Device(s) EVGA Nu Audio
Power Supply Seasonic Prime Gold 1000W+750W
Mouse Corsair Scimitar/Glorious Model O-
Keyboard Corsair K95 Platinum
Software Windows 10 Pro
Yeah. This one too: "an attacker has always thought about doing malicious code execution on a CPU core shared with the victim, and never on multiple cores."

I find it interesting how one knows how an attacker has always thought. :rolleyes:

And then of course, there's the big one where the title that claims CrossTalk is a security "vulnerability". No its not! :(

CrossTalk is a profiler tool developed by the security firm, VUSec (the "good guys"). See here (same link provided by author!) and note the following,
Well, that's not true, on both parts.

Part 1 - There are many who blindly believe those attention seeking rumor mongers in the IT media who try to convince everyone that if they own an Intel processor, all the bad guys have immediate access to all their data. So they have been influenced to never ever buy Intel.

Part 2 - While admittedly, there are some who neglect things until it is too late (like keeping regular backups of their data, using strong and unique passwords, wearing masks in crowds :twitch: etc.), there are also many who do their homework to learn the facts before panicking about something that does NOT affect them. See theoneandonlymrk's post above and note, AFAIK, there has not been one report of a Meltdown/Spectre compromise in the wild despite all the sky is falling warnings the world is about to end for all Intel users.

The vulnerabilty in the cpu is exposed when using crosstalk hence the vuln was named after it's clearly explained following the link.
 
Joined
Jul 25, 2006
Messages
13,330 (1.98/day)
Location
Nebraska, USA
System Name Brightworks Systems BWS-6 E-IV
Processor Intel Core i5-6600 @ 3.9GHz
Motherboard Gigabyte GA-Z170-HD3 Rev 1.0
Cooling Quality case, 2 x Fractal Design 140mm fans, stock CPU HSF
Memory 32GB (4 x 8GB) DDR4 3000 Corsair Vengeance
Video Card(s) EVGA GEForce GTX 1050Ti 4Gb GDDR5
Storage Samsung 850 Pro 256GB SSD, Samsung 860 Evo 500GB SSD
Display(s) Samsung S24E650BW LED x 2
Case Fractal Design Define R4
Power Supply EVGA Supernova 550W G2 Gold
Mouse Logitech M190
Keyboard Microsoft Wireless Comfort 5050
Software W10 Pro 64-bit
The vulnerabilty in the cpu is exposed when using crosstalk hence the vuln was named after it's clearly explained following the link.
:( I understand and already explained what Crosstalk is and isn't. And you quoted me explaining it! You even included the source link to the Crosstalk tool I posted - but you still missed the point. :rolleyes:

Crosstalk is a tool used to expose the vulnerability IN A CONTROLLED ENVIRONMENT! The official name of the vulnerability is, "special register buffer data sampling" or "SRBDS", officially designated CVE-2020-0543.

My point was about illustrating how some in the IT Media love to attract attention to themselves and their bylines with sensationalized, exaggerated or even false headlines that inaccurately paint others in a bad light!

I will not go so far as to call it "fake news", because as noted, it is, more or less, explained correctly later on - or at least includes links to the accurate information. But such irresponsible [so called] "journalism" :twitch: :rolleyes: leads to fake news and rumormongering - and that disgusts me. The IT media (and tech sites like TPU) should be setting the records straight - not simply parroting and "spinning" stories with inaccuracies and exaggerations.

Is the vulnerability real? Yes! Of course? Absolutely! So are Spectre and Meltdown.

But are they being "exploited" by the bad guys? NO!!!!!!! And why? Because like so many vulnerabilities (in processors, operating systems, networks, etc.) the bad guy must have physical access to the computer (or, maybe, be granted specific remote access by an authorized user). And the bad guy must have root (admin) access to the computer. That is, he or she must be in your home, sitting at your computer desk, and have access to an admin account on your computer, or you consciously granted the bad guy remote and admin access to your computer. Then he or she must bypass or disable all your security measures and then install and run special malware on your computer that can then exploit that vulnerability for their evil deeds.

Now if that scenario is likely in your computing environment, then I would say you have much greater security concerns than SRBDS, Spectre or Meltdown - and for sure, you do need to be worried.

However, because such "exploitation" is unlikely, Intel sales are NOT being impacted by those vulnerabilities.

So I say again, "Just because there is a vulnerability, that does not mean it can, or has been exploited." What it does mean, however, is AS ALWAYS, users must "practice safe computing". That is we must:

Keep our computers, operating systems, and security programs updated and current,​
Avoid risky behavior like visiting illegal pornography, gambling, and filesharing sites,​
Avoid public "hotspots" with admin level accounts,​
Use strong and unique passwords and passphrases,​
Ensure other, less "security-aware" users of that computer don't have root/admin access to that computer,​
Avoid being "click-happy" on unsolicited downloads, attachments, links, and popups.​

But of course, those are the same precautions all users must take regardless the processor, browser, OS or security program we use.
 
Top