Blog | G5 Cyber Security

A Simple JavaScript Exploit Bypasses ASLR Protection On 22 CPU Architectures

Dutch researchers have discovered a chip flaw that could nullify hacking protections for millions of devices. The flaw cannot be entirely fixed with any mere software update. The vulnerability resides in the way the memory management unit (MMU) works and leads to a bypass of the Address Space Layout Randomization (ASLR) protection. The attack, dubbed ASLR Cache or AnC, is particularly serious because it uses simple JavaScript code to identify the base addresses in memory where system and application components are executed. The researchers successfully exploited AnC JavaScript attacks via up-to-date Chrome and Firefox web browsers on 22 different CPU micro-architectures.

Source: https://thehackernews.com/2017/02/bypass-aslr-browser-javascript.html
